Log in to view details about your AARNet services, including usage reports
Log in to send files of any size, quickly and securely
Browse answers to frequently asked questions about our products and services
Check the current performance status for our services
Fast local access to popular international open-source content
Check to see if a web address is on-net
Keep your assets and community protected by adapting cyber security strategies, staying informed and implementing best practices.
Cyber security is increasingly a point of consideration for all organisations, but it is becoming a critical concern for Australian universities and K-12 schools.
Major cyber threats currently faced by universities and schools include phishing attacks, ransomware or malware, Denial or Service (DoS) or Distributed Denial of Service (DDoS) attacks, and data breaches. Any of these incidents can severely impact productivity of an educational institution, and can have serious financial and reputational implications.
Phishing is one of the most common social engineering attacks, often executed via email, phone call or texts. These interactions aim to trick an individual to give up personal or company information or account passwords.
Ransomware or malware attacks are designed to encrypt data on a device or system so that it is no longer readable, with a demand for payment in order to decrypt it. Perpetrators of ransomware attacks may also threaten to release the data to a public forum or the dark web unless their demands are met.
DDoS attacks overload a target with a flood of internet traffic, disrupting critical online services and systems. While a DoS attack usually originates from a single point, a DDoS attack can come from multiple source IP addresses from around the world, making it much more difficult to manually filter or drop the traffic.
Data breaches can be the result of a lapse in security such as weak passwords, unpatched software or human error. Another risk of data breaches are through insider threats, where someone with authorised access or understanding of internal systems can use that information to harm the organisation.
Over the past year, the AARNet Security Operations Centre has seen evidence across the education sector of an increase in both DDoS attacks, and targeting from crime groups undertaking ransomware and data theft operations. The Australian Cyber Security Centre’s Annual Cyber Threat Report for 2022 revealed that they received over 76,000 cybercrime reports between July 2021 and June 2022, with 7% of those coming from the education and training industry.
Educational institutions were also the most impacted sector when it comes to ransomware attacks, where they make up 11% of the 447 incidents reported. Similarly, the Office of the Australian Information Commissioner’s Notifiable Data Breaches Report noted that 11% of the 396 reported incidents between January and June 2022 affected the education sector.
Creating a safe and secure environment for students, faculty and staff to teach, learn and work online is paramount for educational institutions. By adapting cyber security strategies, staying informed and implementing the following best practices, universities and schools can keep their assets and community protected in line with recognised industry frameworks such as the Australian Cyber Security Centre’s Essential 8 Maturity Model or, as outlined below, the American National Institute of Standards and Technology’s NIST Cyber Framework:
Identify (what processes and assets need protection by):
Protect (enterprise assets by implementing appropriate safeguards such as):
Detect (cyber security weaknesses or the occurrence of cyber security incidents by):
Respond and Recover (to contain the impact of a cyber security incident and restore capabilities by):
The Australian Cyber Security Centre (ACSC) website is also a useful resource providing a wealth of information about protecting your organisation’s IT systems and information.
Find out more about how AARNet Cyber Security services can help protect your institution.