Surprisingly, Cyber Attacks Against UK Universities Decrease On Holidays. Are Students to Blame?

3 years ago



Cyber attacks have long been a hot topic, especially as far as universities are concerned. Previously, the Typical Student team told you that 20% of UK Schools Are Threatened by Cyber Attacks. Universities have suffered from data breaches for almost a decade. For instance, Yale recently disclosed major data breach it was hiding for years. However, the latest data on cyber attacks on universities and colleges in the UK might seem surprising. 

Are Students to Blame for Cyber Attacks Against UK Universities?


As told by BBC News, the government-funded agency that deals with cybersecurity issues have studied the timing of 850 attacks during in 2017-2018. Here are the key findings of the study:

  • The timing of cyber attacks has a "clear pattern". The attacks typically happen "during term times and during the working day.'"
  • School holidays and the decrease in the number of cyber attacks correlate. When students go on holidays, "the number of attacks decreases dramatically".
  • There are "suspicions that staff or students could be in the frame”.

Cyber Attacks Patterns According to the Study


The typical time of attacks is around 08:00 or 09:00 with a break until the early afternoon. Also, the pattern proves the attacks nearly die away during "the Christmas, Easter and summer breaks and during half-terms" but resume together with the term resume.

60+ cyber attacks per week that occurred in the autumn term and dramatically decreased to one per week in mid-summer. Isn’t that enough of proof students have something to do with that? All in all, there were 850+ attacks across the UK over the academic year, with 190 universities and colleges under fire. 

In the previous academic year, there were about 600 attacks with 140 institutions suffering from them. Typically, the culprits were disrupting networks, no "malware," "ransomware," or phishing frauds were involved. The common types of attacks are "denial of service" or "distributed denial of service" (DDoS).

recommended for you

Any questions or propositions?