Education Sector: A Lucrative Target for Cyberattackers
Cyber disruptions across the education sector have become more common than ever. Over the past two months, the sector has been dealing with a barrage of vulnerability exploits, malware, DDoS, and phishing attacks.
- Fairfax County Public Schools, one of the largest school divisions in the U.S., was hit by a ransomware attack. The attack has been claimed by the Maze group, who leaked approximately 100MB of the stolen data as proof.
- The Hartford Public Schools district also got hit by ransomware that delayed school reopening. The attack knocked off various critical systems offline.
Some statistics your way
- The most common threats faced by the education sector came from downloaders and adware, followed by trojans.
- Until June, 2,449 Zoom-related domains were registered, out of which 32 were found to be malicious. To date, Zoombombing is in full force.
- Most of the targeted academic institutions in the U.S. saw an average weekly increase of 30% in attacks during the past two months. At the same time, institutions in Europe saw an increase in attacks by 24%.
Why the sudden increase in attacks?
- DDoS attacks have seen a massive hike, sometimes owing to students checking out dedicated tools available online for free. However, most of the attacks were deployed by hacktivists.
- With the sudden shift of education to virtual environments, the threat profile has changed. The new normal requires new cyber policies and plans.
- Digital classrooms are no different than other industries, at this point, since a multitude of threats have followed the flexible workspace.
- While many institutions have allocated resources to fend off cyberattacks, others fall short due to budgetary constraints. Consequently, vulnerable endpoints, at-risk connectivity, and phishing have contributed to the surge of remote access exposure.
The bottom line
Experts state that these attacks will continue, mostly because a lot of schools lack the readiness to fight even a run-of-the-mill DDoS attack. Moreover, it is not only cybercriminals the sector needs to worry about but also, students who aim to obstruct the digital delivery of education.