Login

***harlan4096***

Quote:

Educational Institutions Are More Vulnerable to Cyberattacks Than Ever. Learn How to Keep Your Data Safe This School Year.

With the start of this new school year, students are returning to classrooms for the first time in months. However, it is more than clear that the Coronavirus pandemic refuses to die down (for now), which means that remote learning is still very much on the table in 2020-2021.

While some schools are attempting a fulltime return to their teaching spaces, others are adopting a hybrid model that will see students come to class on certain days and learn from home on others. In terms of cybersecurity, this poses new issues for institutions and students alike.

In the following lines, I will first and foremost discuss how the educational sector is affected by cyberattacks. Then, I aim to provide both educational staff and their students with the information they need to handle these matters more proactively in the school year to come.

Cyberattacks in the Educational Sector: An Overview

The K-12 Cybersecurity Resource Center has been monitoring cyberattacks that target American schools, kindergarten through 12th grade, since January 2016. At the moment of my writing of this article, 958 incidents of this sort have been registered. To put the situation into perspective even more, the total rose by 6 over the weekend.

What is more, the total number of operations aimed at K-12 schools alone tripled in 2019. When we take universities into account as well, the statistics are even more desolate. In 2019, several high-profile universities in Europe and the United States alike fell prey to vicious malware and ransomware strains like Emotet or Netwalker. The Columbia College of Chicago and the Humboldt University of Berlin are just a few of the affected institutions of this kind.

What goes on behind these online threats? Why are our schools and universities so vulnerable online? In the sections below, I will talk about the most prevalent types of cyberattacks schools are faced with, as well as their palpable consequences and the reasons why hackers target such institutions.

Prevalent Types of Cyberattacks on Schools

For our readers with experience in the educational sector, it might come as no surprise that unauthorized disclosure breaches are the most widely encountered type of cyberattack plaguing the world’s schools. More often than not, hackers are after your data and money, and do you know which institutions have plenty of that on record? If you shouted ‘schools’ at the screen, you were spot on.

Nonetheless, attackers have a few more threats under their malicious tool belt, and they’re always waiting for an opportunity to throw them at our schools.

According to the K-12 Cybersecurity Resource Center’s 2019 Year in Review, the number for the previous year go as follows:
60.06% consisted of data breaches,

17.82% consisted of ransomware attacks,

8.05% consisted of phishing campaigns,

and 1.15% consisted of denial of service,

while other incidents made up 12.93%.

This differed slightly from the statistics gathered by the center in its 2018 Year in Review, when:
46,72% consisted of data breaches,

15.57% consisted of phishing campaigns,

9.84% consisted of denial of service,

and 9.02% consisted of ransomware attacks,

while other incidents made up 18.85%.

As you can conclude from the statistics above, data breaches held the majority in 2018 and 2019 alike. However, the notable difference stands in the fact that ransomware attacks surpassed phishing in frequency in 2019, outlining a trend in the industry.

Common Effects of Cyberattacks on Schools

The social and financial damages a cyberattack can inflict on an educational institution can be quite extensive if the threat is not mitigated on time. Here are a few significant ways in which a hacking operation can affect such an establishment:
corruption of school property,

misuse of credentials,

student record theft,

interruption of operations,

and financial extortion.

Why Do Cybercriminals Target Schools?

As per Microsoft’s Security Intelligence Report displaying monthly data, around 60% of malware attacks were directed towards the educational sector, making it by far the most affected field. For reference, second place is held by business and professional services, with a mere 10%. Let that sink in for a while.

So, what makes schools such attractive targets for hackers? Well, a few things. In terms of gains, there are three main reasons why malicious groups pursue educational facilities:
Financial benefits, which remain the main driving force behind more than 70% of the world’s total cyberattacks, according to Verizon’s yearly Data Breach Investigations Report.

Personally-identifiable information (PII), which abounds in the databases of schools and universities and comes from a variety of sources (students, alumni, or staff).

Confidential research data, which contains secret martial or governmental information that both state-affiliated and independent malicious actors want to get their hands on. For example, in 2019 Chinese hackers attacked several high-profile universities in the US looking for classified maritime military research.

As for the main reasons for which school networks are so accessible to cybercrime operations, here are a few notable ones:
Lack of cybereducation. While it is expected of companies to train their employees in terms of online safety, this is impractical for schools that see hundreds of new students each year.

Improper on-site protection. Large campuses make it especially easy for ill-intentioned strangers to infiltrate, then hack the perimeter or plant infected devices.

Precarious cybersecurity. In SecurityScorecard’s 2018 Education Cybersecurity Report, the educational sector ranked the lowest among all other industries that were analyzed.

...

Login
Username/Email:
Password:	Lost Password?
	Remember me