‘Significant increase’ in phone and internet scams, UCL’s cybersecurity chief warns

UCL’s cybersecurity chief has urged students to stay vigilant as UK universities face an unprecedented cyber threat
Andrea Bidnic and Samuel Ducrey
Investigations Editor and News Reporter
“Whoops that one was Eduroam” (Credit: Alejandro Walter Salinas Lopez/UCL Imagestore)

UCL’s Chief Information Officer Sarah Lawson said the University has seen a “significant increase” in phone and social media scams targeting students in recent months.

However, she admitted that “UCL has no way of helping prevent [scams] apart from making people aware” as scammers are now targeting personal devices and social media.

This comes as the MI5 warned UK universities of “hostile states” targeting sensitive research that can “deliver their authoritarian, military and commercial priorities” earlier this year.

It follows a National Cyber Security Centre report from 2019 warning of a “realistic possibility” that cyber threats to universities would increase, both in terms of cybercrime and state-sponsored espionage.

Apart from holding data on sensitive research, such as AI-related innovations which recently earned two Nobel Prizes in Chemistry and Physics, UCL also holds a wealth of personal information as it held onto the title of the second-largest university in the UK with 51,810 students in 2022-23.

Lawson said that universities have been “spotlighted” of late, adding: “Our complex ecosystems and welcoming environments make it easier for those with more malicious intentions to sneak past protections.”

However, the Government has previously warned universities against overreliance on overseas funding, which it said could leave them open to being “influenced, exploited, or even coerced” by foreign powers.

“This is not about erecting fences, this is about balancing evolving threats and protecting the integrity and security of our great institutions”, then deputy prime minister Oliver Dowden said.

Last year, the British Library revealed it lost £1.6 million after a cyberattack caused “substantial” damage and required the installation of a new IT system.

More recently, an i News investigation revealed that Kremlin-backed hackers targeted UK ambulance services as part of a wider attempt to destabilise the country.

Brandon Valeriano, a former lecturer in Global Security at the University of Glasgow said: “Both Russia and China have for decades maintained active espionage campaigns against public universities investigating sensitive national security topics.

“Universities need to be on guard and maintain active defences, often employing support from cyber threat intelligence firms, to promote vigilance.”

Lawson likewise acknowledged Russia as one of the geopolitical threats facing UCL but said her team will “assess the risks dynamically”.

She said UCL has a dedicated team to manage its security strategy and handles “daily incidents” to prevent cyber crime where possible and, failing that, to ensure swift detection and response to minimise impact.

She added: “25 years of doing this job around the world and one thing I can guarantee is that for every great new innovation in technology, there is someone out there keen to maliciously take advantage of it.

“Our job is to try and stay ahead if we can.”

This article appeared in the Digestive 4