Cyber disruptions across the education sector have become more common than ever. Over the past two months, the sector has been dealing with a barrage of vulnerability exploits, malware, DDoS, and phishing attacks.
Couple of Incidents
• Fairfax County Public Schools, one of the largest school divisions in the U.S., was hit by a ransomware attack. The attack has been claimed by the Maze group, who leaked approximately 100MB of the stolen data as proof.
• The Hartford Public Schools district also got hit by ransomware that delayed school reopening. The attack knocked off various critical systems offline.
Statistics
• The most common threats faced by the education sector came from downloaders and adware, followed by trojans.
• Until June, 2,449 Zoom-related domains were registered, out of which 32 were found to be malicious. To date, Zoombombing is in full force.
• Most of the targeted academic institutions in the U.S. saw an average weekly increase of 30% in attacks during the past two months. At the same time, institutions in Europe saw an increase in attacks by 24%.
Rise in Attacks
• DDoS attacks have seen a massive hike, sometimes owing to students checking out dedicated tools available online for free. However, most of the attacks were deployed by hacktivists.
• With the sudden shift of education to virtual environments, the threat profile has changed. The new normal requires new cyber policies and plans.
• Digital classrooms are no different than other industries, at this point, since a multitude of threats have followed the flexible workspace.
• While many institutions have allocated resources to fend off cyberattacks, others fall short due to budgetary constraints. Consequently, vulnerable endpoints, at-risk connectivity, and phishing have contributed to the surge of remote access exposure.
Conclusion
Experts state that these attacks will continue, mostly because a lot of schools lack the readiness to fight even a run-of-the-mill DDoS attack. Moreover, it is not only cybercriminals the sector needs to worry about but also, students who aim to obstruct the digital delivery of education.