Student Loans Company Hit by One Million Cyber Attacks in 2018
Cybercriminals love to target institutions that either holds a lot of personal information or lots of money with weak security. Of course, the mainstream banks have a lot of money but they are spending a lot as well when it comes to cybersecurity system. So what is the next sector to target? Bank-like institutions but with no track record for good IT security, one sector fits the bill, companies who engage with lending.
One example of a very vulnerable company is the Student Loans Company, in fact for 2018 it received approximately a million cyber attacks, one of the worst is cryptocurrency mining malware infection. The Student Loans Company according to Freedom Of Information requests, the student lending firm received 965,639 attacks, including 323 malware infection cases and 235 prank calls. The most embarrassing of which was when its official site slc.co.uk became a host of a Monero cryptojacking virus, with vulnerable visitors of the site becoming infected by it, making Monero coins for the virus authors.
“Firstly we’d stress that malicious online activity affects every organization and individual. It is also necessary to put in context that 99.9 % of the ‘attempts’ recorded in 17/18 present an extremely low level of threat. The apparent increase in 17/18 figures is largely due to changes in the way security incidents are recorded. It is also worth stressing that, while we remain permanently aware and vigilant, every one of these attempts was detected and prevented at an early stage, with no violation of systems or data security. Cyber security will always remain a top priority for SLC and we continue to invest in the technical expertise and resources required to keep information safe,” explained the SLC spokesperson.
SLC has even boasted that the numbers could have been higher if the company has no cybersecurity defense systems in place. However, a million attacks per year mean that there is ‘something’ that cybercriminals want and look for when targeting a certain company. The government student lending firm needs to spend more when it comes to their IT security.
“The sharp rise in cyber attacks is a trend we are seeing in all areas of the public sector, particularly following the WannaCry attack on the NHS in 2017. It’s more important than ever that organisations such as The SLC protects the confidential financial information it holds from third-party attacks, but investing in encryption and cyber initiatives,” emphasized Patrick Sullivan, CEO of Parliament Street.
It is imperative that lending companies need to be as ready as a full fledge banks when it comes to their cybersecurity defense. It takes a lot of time, manpower and cost for establishing a credible defense posture is cheap compared to all the trouble they have to face if a successful cyber attacks against them happens.
“It’s no surprise that cybercriminals are relentlessly targeting the personal financial details of students, putting the wellbeing of tens of thousands of individuals at risk. Tackling this problem means investing heavily in the latest cybersecurity measures, to keep hackers out and limit the risk of a major data breach,” said Terry Ray, Imperva’s Senior VP.
Julia Sowells921 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.