Information Security Awareness Week at Edinburgh University


Edinburgh University’s annual Information Security Awareness Week will commence Monday the 8th of October.

The University of Edinburgh has organised a line-up of talks and workshops that aim to educate students and staff of the dangers of phishing email scams and how they can protect their information online.

The events will take place at various locations across the campus, with the main event scheduled for Wednesday 10th October which will include speakers from The Scottish Business Resilience Centre. Each event has been designed to cover various topics such as ransomware, securing mobile devices, recognising sophisticated phishing scams and what to do in the event of a cyber-attack.

The Information Security Awareness Week will come at a particularly topical time. The Times recently reported that data breaches at British Universities have doubled in the past two years, with a staggering 1,152 reported incidents in the year 2016. It is believed that cyber criminals traced back to Russia, China and the Far East are targeting top universities in an effort to obtain intellectual property. Research data and findings including information about missiles, medical advances and alternative fuels are of particular value to the hackers. More commonly however, cyber criminals aim to collect personal and financial information that they can then use themselves or sell on the dark web.

Edinburgh University was hit by a cyber-attack last month which rendered their wireless student services and left websites inaccessible for several hours. The University works with Jisc, The National Cyber Crime Bureau and with other targeted universities to gain an understanding of each network breach to prevent future attacks occurring.

Jisc, which runs the National Research and Education Network- Janet, which is a built-in cyber security protection that the University of Edinburgh is a member of. It is the job of Jisc to monitor the network for attacks and protect its members’ connection but it is the responsibility of the individual university to safeguard its network. Jisc Senior Media Officer Kate Edser said,

“Cyber security is everyone’s responsibility and cyber-attacks can affect anyone: a student could download ransomware on to their personal laptop; a university finance director could fall for a spear phishing campaign; a professor could become a victim of a sophisticated attack designed to steal intellectual property.”  

Edser added that whilst most universities take cyber security seriously, a recent survey by Jisc found that only 57% of its member universities confirmed it was compulsory for staff to undergo information security awareness training.

“We find that the best defended universities are those with leadership teams which understand the risks and are supportive of the investment required to build robust cyber security strategies.”

Last year, graduates of University of Edinburgh were sent into a state of panic after a network glitch sent out emails stating that their graduation was cancelled. The University quickly assured students that their data had not been compromised and graduation went ahead as planned.

The University of Edinburgh continues to encourage staff and students to ignore suspicious emails and alert the dedicated security team if they believe their information has been accessed. Officials at the University ask network users to stay vigilant for the most commonly employed tactics which seek financial information such as lottery winning scams, student financing issues, lottery winning scams and bogus staff pay-rise emails.

Louise Burns, a third-year Photography student at the Edinburgh College of Art, a branch of the University, said she has received several phishing emails including a particularly bizarre email from a man claiming to want to help students pay for their studies with his lottery winnings. She said:

“I know of a few others who received this email too, it had a link to a fake website and said the guy had selected me for funding. Some of them aren’t so obvious though and it could be easy for a student to mistakenly follow a link – especially if it is about their student loan or something.”



Miss Burns added that the University’s Wifi crashes all the time which interferes with her studies.

Alongside the increasing efforts of universities such as Edinburgh to make its staff and student aware of information security, the Scottish government and the UK government (under the UK National Cyber Security Programme) also allocated £3.5 million to support cyber resilience in Scotland in 2018 to 2019.

By Rachel Lee

Leave a Reply

%d bloggers like this: