Academia Under Siege? How Cyber Attacks Are Disrupting The Education Sector
With the Government releasing their findings from the recent Cyber Security Breaches Survey 2025 - the intense targeting of the education sector has once again been highlighted…
Educational institutions are always a top target for cyber criminals looking to access large databases of sensitive information. With many institutions holding data on thousands of students, staff and third-party suppliers/contractors, cyber criminals are very aware of the lucrative potential of an educational institution breach.
Among secondary schools in the UK, 60% had reported a breach or attack over the past 12 months, however this statistic is even more alarming for further education colleges (85%) and higher education institutions such as universities (91%), with both experiencing particularly high rates of attack – highlighting the scale of the issue faced by institutions in the education sector.
Sector Overview - What Are The Key Statistics?
Education institutions across the board were far more likely to experience a breach or attack than businesses in general (43%).
It was also found that further education colleges and higher education institutions were also more likely than businesses in general to experience a wider range of attack types including:
Impersonation attacks – 68% of further and higher education institutions reported these types of attacks compared to 34% of businesses
Viruses & other malware – 42% of further and higher education institutions reported being targeted with viruses, malware or spyware, compared to only around 18% of businesses.
Denial of service attacks (DDoS) – 35% of further and higher education institutions reported experiencing a DDoS attack over the past 12 months compared to only 5% of businesses.
This wider attack surface makes remaining secure in the sector even more of a challenge - with educational institutions needing to monitor a range of attack types and ensure that they are prepared and have the expertise to deal with various forms of cyber attack.
These is also significant variance in attack frequency between educational institutions and businesses – with around 30% of further and higher education institutions reporting to have experienced breaches or attack attempts on a frequent (basis).
One of the most concerning statistics to have come from the breaches survey report was regarding the outcomes of breaches faced by educational institutions – around 40% of further and higher education institutions reported to have experienced a negative outcome from a breach, meaning that the volume of attacks being directed towards the education sector are having an effect in many instances – highlighting the need for a robust and comprehensive cyber security strategy.
Is Supply Chain Security a Weak Point?
Educational institutions across the sector are consistently neglecting one key area of their NCSC 10 steps to cyber security standing – supply chain security.
It was found that only 29% of primary and 42% of secondary schools undertake some form of supply chain risk monitoring, and the rates don’t increase significantly as we look at further education colleges (48%) and higher education institutions (69%).
Our recent article: Manufacturing Resilience – The Importance of Cyber Security In Supply Chain Management, explores the threats to supply chain cyber security, and offers practical solutions to fortifying your supply chain network.
What Methods Are Attackers Using to Target Higher Education Institutions?
Phishing - Often one of the most common forms of attack across all industries, phishing campaigns are just as prevalent in education, with around 97% of higher education institutions reporting to have experienced a phishing attack in the past 12 months.
Impersonation/Business Email Compromise (BEC) - Around 68% of higher education institutions reported an attack of this kind over the past 12 months. These are a form of targeted phishing attacks where a malicious actor poses as an employee, director or supplier for example, in order to gain unauthorised access to data or payments from unsuspecting employees using social engineering tactics.
Viruses, Spyware & Malware - These are software’s that are intentionally designed to cause disruption to a computer or server, leak private information or gain unauthorised access to information or systems. Around 42% of higher education institutions said they had faced incidents involving one of these attack methods.
Denial of Service (DDoS) Attacks - A Distributed Denial-of-Service (DDoS) attack overwhelms a target server or network with malicious traffic that disrupts normal operations and prevents functionality for legitimate users. DDoS attacks were experienced by around 36% of higher education institutions over the past 12 months.
How Are Educational Institutions Leading The Way?
Despite the heavy targeting of the sector, educational institutions are, perhaps unsurprisingly, leading the way in one key and often overlooked area of cyber security…education itself.
The value of cyber awareness in any sector cannot be underestimated. Maintaining a high degree of cyber security best practice and ensuring staff, students and suppliers understand the risks associated with poor cyber hygiene can have a significant impact on reducing the likelihood of an attack or breach taking place through human error.
Higher education institutions were found to be particularly likely to have conducted testing of staff awareness and response with 94% reporting to have conducted these kinds of tests over the past 12 months – with 77% of further education colleges doing the same.
In addition to staff awareness testing, 72% of higher education institutions (and 58% of further education colleges), have invested in some form of threat intelligence in order to monitor the wider threat landscape and have a greater understanding of what dangers they should be keeping a look out for.
Is The Importance of Pen Testing Being Overlooked?
Despite traditionally being a practice that was fairly common for educational institutions to conduct, penetration testing services being utilised in the sector saw a significant drop over the past 12 months – with higher education institutions likeliness to conduct pen testing down from 81% the previous year, to 69%. The numbers are even lower when looking at further education colleges, with only 65% conducting pen testing in the past year, down from 84% the previous year.
Why Do You Need It?
It is largely agreed that penetration testing should be carried out annually to adhere to cyber best practice. However, it is also recommended that you carry out some form of pen testing as part of any operational change within your business, such as building a new website, launching an app, or migrating to different software or suppliers.
PureCyber’s team of CREST certified penetration testers are here to support your organisation and help you carry out a full range of penetration tests from application testing to infrastructure testing and even red teaming exercises to assess your cyber security in real-time.
How Can PureCyber Help?
The PureCyber team are here to take over the burden of your cyber security and ensure your organisation’s data remains secure and well managed, with proactive monitoring and real-time threat intelligence - providing you with a comprehensive and reliable cyber department to support you in all aspects of your security efforts, including: 24/7 Security Operations Centre (SOC) services, Managed Detection & Response (MDR/EDR) Threat Exposure Management (TEM) & Brand Protection Services & Penetration Testing.
PureCyber is recognised as an Assured Service Provider by the NCSC to offer governance and compliance consultancy services/audits. Contact our team of compliance experts to enquire about our full range of Governance Support - including Cyber Essentials, ISO 27001, FISMA, SOC1 and SOC2 standards.
Get in touch or book a demo for more information on our services and how we can safeguard your organisation with our expert cyber security solutions.
Email: info@purecyber.com. Call: 0800 368 9397
Sources:
Cyber Security Breaches Survey 2025: Education Institutions Findings