University College Cork

Delivering peace of mind for University College Cork following major public sector breaches

Overview

University College Cork (UCC) has been educating students in Ireland since 1845. In recent years it has won multiple Sunday Times University of the Year awards. In 2021, it was ranked eighth globally by the Times Higher Education Impact Rankings. That makes it a leader in the push towards greater environmental sustainability. However, its world-leading research covers an even broader range of areas—from climate change to healthcare and finance.

As a leading academic institution, UCC is an attractive target for financially motivated cybercriminals looking to steal sensitive personal information on staff and students, and extort money via ransomware. Global ransomware attacks on universities doubled in 2020, according to one estimate. However, UCC’s keen focus on research also exposes it to scrutiny from possible nation state actors looking for potentially advantageous intellectual property.

Looking for insight

UCC was a happy customer of Trend Micro’s Cloud App Security (CAS) offering, which it used to protect Microsoft 365 email and SharePoint data. However, when Conti threat actors breached Ireland’s Health Service Executive (HSE) in May 2021, senior IT leaders at the university were concerned about their own risk exposure. A similar ransomware attack on UCC could have caused significant financial and reputational damage.

That’s when it turned to trusted cybersecurity partner Trend Micro to run a health check on its 10GB network and the hundreds of critical servers connected to it. Although the results thankfully showed no signs of compromise, they revealed a somewhat concerning picture.

“Trend gave us a clean bill of health, but in so doing it also highlighted how we had limited visibility into our network traffic,” says UCC Head of Platform Delivery Barry O’Sullivan. “The university operates one of the largest networks in the region supporting over 25,000 students and staff, hundreds of research projects, and a large number of third-party services. The health check highlighted parts of our network and infrastructure that required action to mitigate a potential breach. In order to secure our digital estate we therefore made the proactive decision to invest in additional Trend Micro offerings.”

"Before, we didn’t have a clear indication where our attack surface started or ended. Now we’re able to manage risk much more effectively."

Barry O’Sullivan
Head of Platform Delivery,
University College Cork

Visibility round the clock

Trend Micro’s security services are available to higher education institutions in Ireland after Trend partnered with Softcat to become an officially accredited supplier via the HEAnet Dynamic Purchasing Scheme (DPS). HEAnet delivers high-speed internet and shared IT services to the Irish education sector.

In the end, UCC bought Trend Micro’s Deep Discovery™ Inspector, the same tool Trend incident response experts had used to check the network for potentially malicious activity. And it coupled this with Managed XDR (MDR) for round-the-clock threat detection and response, delivered as a managed service.

Deep Discovery Inspector (DDI) monitors north-south and east-west network traffic to provide an early warning system for intrusions and post-breach lateral movement. It offers:

  • Monitoring of all network ports and over 105 different protocols
  • Custom sandboxes which are difficult for hackers to evade
  • Detection and protection from spear-phishing emails and targeted ransomware
  • Physical or virtual network appliance options
  • Detection and response via integration with Trend Micro Vision One
     

Managed XDR (MDR) offers 24/7 alert monitoring and threat hunting for organisations who would prefer their in-house teams to focus on other tasks. It delivers:

  • Correlation of threats across network, server, endpoints, cloud workloads and email for maximum visibility
  • Advanced AI to prioritise alerts for more effective detection and response
  • A team of Trend Micro experts to deliver a round-the-clock response to emerging threats

Keeping UCC safe 24/7/365

The combination of DDI and MDR has added much-needed network visibility for the UCC IT team and outsourced the threat detection and response piece to Trend Micro experts. As all malicious activity touches the network at some point during an attack, UCC now has an early warning system for spotting and shutting down a potential breach before the threat actors behind it have an opportunity to make an impact.  

“Before, we didn’t have a clear indication where our attack surface started or ended. Now we’re able to manage risk much more effectively,” says Barry.

The products work in harmony to help mitigate the kind of major incident that impacted HSE so badly in early 2021. And with MDR, the UCC IT team can work on high-value tasks with the peace of mind that Trend Micro experts are keeping an eye on things at all times.

“MDR has been a revelation. When we go home on Friday afternoon, we can sleep safe in the knowledge that Trend’s eyes and ears are still on the network: 24/7/365.”

Trend Micro Partnered with Softcat to become a supplier on the HEANET security services DPS allowing HE organisations to purchase Trend Security services.

"MDR has been a revelation. When we go home on Friday afternoon, we can sleep safe in the knowledge that Trend’s eyes and ears are still on the network: 24/7/365."

Barry O’Sullivan
Head of Platform Delivery,
University College Cork