Being stung by a honeytrap is a constant security threat
Scandal, sleaze and ‘sexting’ - how the Westminster ‘honeytrap’ story is a reminder that vigilance against social engineering and phishing threats remains necessary
16 Apr 2024
British universities are cited as some of the best in the world; working on cutting-edge and revolutionary research.
The Director General of MI5 and senior politicians warned last week these institutions are being targeted for their intellectual property (IP) by hostile states and spies - and as a result this is a threat to national security.
In the face of this, universities must work at speed to increase their physical security measures and keep their academia and research safe, whilst balancing the need for open exchange of ideas that is vital to academic progress.
Noah Price, G4S Academy International Director, said: “Threats against universities are on the increase and are expected to rise further. Hostile states target universities because unlike government agencies or security services, these institutions prioritise the open sharing and collaboration of research, ideas and education, which can make them more vulnerable to cyber-attacks and espionage.
“Universities working on cutting-edge research need to implement targeted multi-layered security as a matter of urgency to protect sensitive research.”
Intellectual property theft committed by an external threat actor is expected to increase by 30% in the UK in the next year, according to G4S’s first ever World Security Report.
What is so concerning about events like this is the insidiousness of the threat actors’ reach, and not knowing what information they are desperate to obtain. The first person they target and turn may just be the weak spot and gateway to reaching their ultimate target.
Insider threats
A preventative measure being considered by the UK government is for academics involved in critical scientific research at British universities to undergo vetting by security services.
With internal threats expected to increase next year according to 94% of UK Chief Security Officers, vetting of university staff and regular re-vetting are actions G4S supports.
“Leaking of sensitive information, Unauthorised access to company data or networks, and intellectual property theft are all expected by almost a third of respondents to our survey,” Price said. “Vetting and regular re-vetting are a really good physical security measure to detect those trying to infiltrate an organisation, or to see if anyone has been turned.”
What physical security measures can be taken
Universities must implement a robust security operation preventing both physical and cyber threats.
Implementing two-factor authentication on research devices, as well as passcode or biometric access controls are just two examples. AI surveillance systems may also be another; allowing security officers to monitor the movements of individuals in an ethical manner.
Institutions should also monitor who is accessing certain documents on their devices. If there is no need for an individual to be reading a piece of research this could be a sign they are attempting to access confidential information and may possibly be an insider.
Price said: “While we all want universities to share academia, knowledge and expertise, they must do so within a secure environment that protects IP from being stolen and also protects our national security. Implementing and maintaining a robust security operation is the best way to do this.”