Cyber threats to research

Published: November 11, 2024

Researchers working together to build a prototype product

Cyber threats to research

Overview

One of the key security risks to the University identified by Information Security (IS) is attacks targeted at researchers. While many of these threats extend beyond research, the scope of research activities and the value of intellectual property increases the risk from sophisticated attacks, espionage and foreign interference.

Threat modelling

Threat modelling is an exercise in identifying and understanding the potential threats to a system, tool or process. In the context of a research project (including the systems, applications and people involved), it is crucial to determine who might try to disrupt your research, the means that could be used and how to defend against such threats.

Cyber threat actors

Threat actors are individuals or groups who maliciously seek to gain unauthorized access to, or otherwise disrupt, your research project, through your data, systems, tools or processes.

The Canadian Centre for Cyber Security categorizes threat actors according to their motivations and sophistication.

Cyber threat actor Motivation Sophistication Methods
Nation states Geopolitical High
  • Advanced persistent threat (complex and protracted advanced techniques)
  • Highly targeted; valuable intellectual property or sensitive data
  • Bespoke and commercial cyber tools
  • Exploitation of currently unknown vulnerabilities
  • Coercion, espionage, extortion
Cybercriminals Profit Medium to high
  • Commercial cyber tools
  • Illegal cyber tools and services
  • Broad targeting; phishing campaigns
  • Exploitation of known vulnerabilities (quickly)
  • Extortion and exploitation of individuals
Hacktivists Ideological Low to medium
  • Targeted cyber attacks
  • Commercial cyber tools
  • Illegal cyber tools and services
  • Exploitation of known vulnerabilities
Terrorist groups Ideological Low to medium
  • Mixture of broad and targeted cyber attacks
  • Commercial cyber tools
  • Illegal cyber tools and services
  • Exploitation of known vulnerabilities
Thrill-seekers Satisfaction and mischief Low
  • Commercial cyber tools
  • Exploitation of common, widely known vulnerabilities
Insider threat Discontent Low to high
  • Exploitation of insider knowledge and processes
  • Malicious use of provided access

While research with national security or commercial implications may typically attract more sophisticated threats, any system connected to the internet with unaddressed vulnerabilities can be compromised and exploited (e.g., malware, virus, ransomware, denial-of-service attacks and cryptojacking), leading to system instability, confidentiality breaches and data loss.

How to defend against cyber threats?

Safeguarding research is a top priority of the University. and there are several offices and resources available to assist researchers. Regardless of your first point of contact, the collaborative nature of the University’s research-enabling offices ensures the right expertise is implemented for your project’s success.

Research Information Security Program

The Research Information Security Program collaborates closely with research administrative and technical support staff across the University, and is available to assist with threat modelling, system security planning and research cyber security and risk reviews.

Information Security Handbook

Explore the Information Security handbook to get actionable steps and helpful information for your cyber security questions and requirements. This handbook is a trusted resource created by the Information Security team for the University community.

Digital Research Infrastructure (DRI@UT)

The University seeks to enable the creation and sustainment of a coordinated, agile, rich, diverse, effective, efficient and secure collection of digital research infrastructure and services that meet the complex and varied needs of our research community. DRI@UT is aligned with and leverages opportunities created by governments, including Canada’s Digital Research Infrastructure (DRI) Strategy, and other partners.

Where feasible, it is recommended that researchers leverage institutional and divisional systems such as SciNet, Health Data Nexus and other available resources. Your local IT support staff may also suggest departmental or discipline-specific resources that can meet the needs of your project.

Local IT and IS support staff

Your local technical support staff are an invaluable resource for suggestions on departmental or discipline-specific resources that can meet your project needs, initial and ongoing support of research systems and as subject matter experts on research computing. During funding applications and protocol drafting through active research, be sure to reach out and consult these cyber security experts as you plan out and use your research systems.

Research Security Team

The Research Security Team provides advice and support to researchers, academic administrators, staff and trainees on funding applications, sponsor requirements and institutional decision-making by assessing risks through the lens of research security, informed by national and geopolitical security evidence.

University of Toronto Libraries

The University of Toronto libraries is an essential partner in providing research data management resources, services and consultations as part of planning and implementing practices that ensure the proper care and stewardship of research data.

Related articles

One researcher working with a microscope while the other person documenting on a laptop.

Top security tips for researchers

November 11, 2024
Researchers studying their data on a computer monitor

Assessing your research project’s cyber risks

November 11, 2024
A group of people having a discussion in the library.

Why partner with Information Security?

November 11, 2024