Australia’s University of Wollongong (UOW) is taking strong defensive measures against cyber attacks in anticipation of its eventuality said by its spokesperson this week. This is through an effective lessening of the attack surface of University computers and Internet-connected devices as well as regular penetration testing, continued cybersecurity training for University staff and IT security awareness crash course for all students. Penetration testing is a well-planned simulation of an actual cyber attack in order to measure the defensive capabilities and vulnerable attack surface of the target system. The end result of penetration testing is a hardening of the software and hardware infrastructures of UOW in order to be immune to the attacks used during the simulation.
UOW staff and faculty are also taking advantage of Two-factor authentication (2-FA) technology when it comes to logging-in the school’s internal systems. UOW’s actions were a direct result of warning issued by the Auditor General that universities are a big target of cybercriminals, given the age-old bad computing habits practiced in their respective institutions, like delayed updates of essential software and operating systems. The Auditor General emphasized the IT incidents of backdoor hijacking, DDoS (Distributed Denial of Service) attacks, and data breaches as amongst the three most common campaigns cybercriminals launch against their targets.
“The Auditor General did not identify any high-risk matters, IT related or otherwise, during the audit. UOW has not had any major incidents or a breach of cyber protocols. Several minor incidents have been managed successfully when they occurred. Of the eight matters that related to IT, four related to an issue previously identified by the Auditor-General,” explained the UOW spokesperson.
UOW wishes to prevent a repeat of the data breach issue that recently plagued Australian National University, which caused the latter to lose nineteen years worth of personally identifiable information belonging to University stakeholders (staff, students and faculty). “As part of the audit process, the university and the Auditor-General agree on an action plan and a timeframe for addressing the issue raised. Some of the matters have been resolved since the audit; some of the issues are complex and will take more time to resolve, and hence may span a number of years,” concluded UOW spokesperson.