Usually, the blogs detail a successful, in-depth attack. When possible, the attack vector is disclosed. There aren’t a tremendous number of success stories for various reasons. Seemingly most of the successful attacks use the same two or three attack vectors. These work most of the time for the attackers.
Recently, an organization allowed a set of articles to elaborate on their trials and tribulations in the cyberland we call home. Having a company come forward to share their experiences in pleasant in comparison to most of the articles.
Student Loans Company (SLC)
The SLC is a government agency providing student loans for UK university and college students. This is financially a large organization with $117B in outstanding student loans per their 2017/2018 annual report. SLC manages data on its 8.1M registered clients. The data generally is financial in nature, and is considered sensitive and confidential.
Across the board, cybersecurity attacks are on the rise. The attackers figured out how to efficiently generate revenue from these endeavors and have been expanding their reach. The attackers are not going to waste time attacking an organization without a good reason. Their time is treated like a commodity. There is also too much potential liability with an attack. In this example, the sensitive information is ripe to be exfiltrated and sold on the darkweb. The 8.1M records would bring a significant amount for the attackers.
In 2018, SLC was attacked 965,639 times. To put this in perspective, that would be on average 2,646 attacks every single day through the year, including weekends. These included malware attacks, DoS (denial-of-service), malicious calls, and other cyberattacks. Of all the blocked attempts throughout the year, there was one successful attack. Granted, based on where this occurred, the story could be fine or very bad. If this were to be in the finance or accounting office, there could be rather significant issues immediately.
In this case, the issue was cryptocurrency focused. Within the last five years, there has been much attention paid to this. People have been using crypto miners hoping to mine enough to purchase more equipment or at least make a decent return on their ROI for the equipment purchased. SLC was unfortunately a victim of this. Someone placed cryptocurrency mining malware on their system. Particularly, they used the Monero crypto jacking virus. The company’s website, slc.co.uk, hosted the virus. The visitors to the website became infected with this if they happened to still have the vulnerability open on their system, which would have been exploited.
Although there was the crypto mining incident, the company continues with its mission of being aware of the network at all times and vigilant. Cybersecurity continues to be a top priority for the SLC. The focus continues to be protecting the cybersecurity for the confidential data.
It’s easy to note this. However, in this case, the proof is present. All of the attacks through the years were unsuccessful, except for the one Monero crypto mining incident. This also was not entirely their responsibility. The attack occurred due to their third party plug-in allowing the malware onto the website.
The company quantified the attacks over the year, and these were rather substantial. The organization seems to be taking their cybersecurity seriously. A proper cybersecurity regiment takes time and expense to implement and maintain, however it is worth it in the short and long term.
Ashford, W. (2019, February 4). Massive uptick in cyber attacks targeting student loans company. Retrieved from https://www.computerweeky.com/news/252456975
Fadilpasic, S. (2019, February 4). UK student loans company hit by a million cyberattacks last year. Retrieved from https://www.itproportal.com/news/uk-student-loans-company-hit-by-a-million-cyberattacks-last-year/
IT Pro. (2019, February). Student loans company hit by a million cyber attacks last year. Retrieved from https://www.itpro.co.uk/security/32902/student-loans-company-hit-by-a-million-cyber-attacks-last-year
Muncaster, P. (2019, February). Student loans company hit by one million cyber-attacks. Retrieved from https://www.infosecurity-magazine.com/news/student-laons-comany-hit-one/
Ray, T. (2019, February 4). Student loans company hit by one million cyber attacks last year. Retrieved from https://www.informationsecuritybuzz.com/study-research/student-loans-company-hit/
Sowells, J. (2019, February 10). Student loans company hit by one million cyber attacks in 2018. Retrieved from https://hackercombat.com/student-loans-company-hit-by-one-million-cyber-attacks-in-2018/
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!