Blog

Improving cyber security immediately in one easy move – at no extra cost

Avatar headshot
by
Ben Chapman

How institutions can create the most secure environment possible for learning online.

Woman using a printer

It’s a nightmare scenario – and it could happen to anyone

All it takes is one click. One person, without thinking, sends an innocent-looking document to one of their institution’s networked printers.

What’s the worst that could happen?

No, not a paper-jam, but a massive cyber attack.

Quietly, stealthily, undetected by anyone, every printer on the campus goes rogue. Hackers use them to access and exfiltrate sensitive data on staff and students, and demand a hefty ransom to restore it. Systems go down, teaching and learning grind to a halt, IT staff scramble to identify the problem and contain it.

The repercussions from just one click are enormous.

It did happen – but not to everyone

Last year, organisations all over the UK suffered downtime, diverted staff resources and incurred unexpected costs when a vulnerability in the PaperCut print management solution allowed cyber criminals to access printers without requiring any authentication credentials and use them to remotely execute malicious code.

Except, that is, for education and research institutions who had activated the protective domain name service (DNS) that comes as part of their Jisc membership.

Prevention is always better than cure

PaperCut was just one of the 290 billion cyber security queries that were successfully resolved by the protective DNS Janet Network resolver service (JNRS) in the past 12 months.

JNRS protects 366 subscriber organisations, including around 3 million internet users in UK education and research, against malicious attacks like this.

And the threat level is constantly rising: according to the government’s Cyber security breaches survey 2024: education institutions annex, 97% of UK HE institutions and 86% of FE colleges identified a breach or attack in the past year.

As part of a layered approach to cyber security, the JNRS protective service is vital to building a safer digital future for students, staff and users.

Immediate improvements in cyber security

Enabled by Infoblox, MISP and Splunk, JNRS safeguards devices that connect to an institution’s network - including students’ own devices and anyone using the guest wifi - by intercepting requests and blocking access to any domain classed as phishing or malicious.

Once activated and configured, the service delivers immediate security improvements: if a known malicious site can be rendered inaccessible, phishing domains instantly become ineffective.

More users + more sharing = better threat intelligence

As the digital services provider for academia and operator of the UK’s national research and education network (NREN), Jisc has a unique ability to view threats across all our connected community.

Jisc’s cyber security incident response team (CSIRT) works closely with the National Cyber Security Centre (NCSC) and commercial providers. They also source data from the cyber community, as well as from traffic over the Janet Network (all of it passive and unattributable to an individual or institution).

JNRS constantly ingests and analyses these live threat feeds, enabling it to adapt fast and respond quickly to new or emerging threats. This process of continuous improvement ensures the intelligence is closely aligned to sector needs.

And the more people use the service, the better and more accurate that intelligence becomes.

Getting started is simple

Any Janet-connected organisation can access JNRS simply by registering for Jisc’s cyber security portal and requesting access to the standard service. It’s quick and easy to set up, and no extra servers or resources are usually needed locally. A bespoke service option can also be used to protect cloud deployments.

Members can access free advice from Jisc’s CSIRT team and also share information with other members through Jisc's cyber security community, which now has more than 2,000 members.

Find out more

About the author

Avatar headshot
Ben Chapman
Head of architecture and engineering, Jisc