Why has there been increase in cyber risks for the education sector?
The coronavirus pandemic has arguably affected the education sector more than any other, with schools, colleges and universities around the globe having been forced to close their doors and deliver classes remotely.
Most of the discussion surrounding this has focused on the logistical problems of setting up e-learning platforms, parents balancing their workloads with home-schooling and students completing exams.
However, one of the most significant issues – particularly in the long term – is that the pandemic has also exposed massive cyber security failings in the education sector.
Indeed, the UK’s National Cyber Security Centre released a security alert to schools and universities sector this week, warning that cyber criminals are targeting the education sector as students return after the summer.
We reported 17 cyber attacks on schools and universities in August alone, with many of those attacks being ransomware.
Newcastle University, for example, became one of the most high-profile victims earlier this month, after it was targeted by the DoppelPaymer ransomware gang.
There have also been countless cases of ‘Zoombombing’ – in which uninvited guests enter meetings to harass participants and snoop into people’s homes.
In one instance, a ‘Zoombomber’ disrupted an online class to shout a profanity, and in another, the virtual classroom was interrupted by someone streaming pornography.
Although some of these attacks are a direct response to schools’ ad hoc response to the pandemic, it’s not as though the education sector was especially resilient before being forced into online learning.
According to a UK government survey, 80% of UK schools experienced a cyber attack in 2019, and things aren’t any better in the US, with a report finding that cyber attacks against schools tripled last year.
This is the result of schools increasingly relying on technology – whether it’s online learning platforms, teaching tools or day-to-day operations – while neglecting the security concerns that come with it.
What kind of threats do schools face?
A recent Kaspersky report outlines several cyber security threats associated with online learning:
Kaspersky notes that several bogus sites replicating Google Classroom and Zoom began popping up at the start of the pandemic.
According to Check Point Research, from the end of April to mid-June, 2,449 domains related to Zoom were registered, 32 of which were malicious and 320 were suspicious.
Fraudsters have also taken aim at Microsoft Teams and Google Meet, as well as universities’ online portals.
- DDoS (distributed denial-of-service) attacks
Between February and June 2020, there was a 350–500% increase in DDoS attacks on the education sector compared to the same timeframe last year.
These attacks, which flood network traffic with requests until they are overwhelmed and crash, are usually performed to disrupt an organisation – perhaps as an act of revenge, a political statement or simply for fun – or to distract organisations while the attackers perform a more sophisticated attack.
The most common threat that the education sector faces are downloaders, adware and Trojan horses.
This threat is almost exclusively related to the widespread implementation of Zoom. The video conferencing app saw a surge in popularity at the start of lockdown, and cyber criminals responded by creating bogus application installers.
Students and teachers have repeatedly been fooled into installing a bogus version of Zoom, unleashing malicious software onto their systems.
Kaspersky reports that, of the 168,55 instances of bogus application installations that it detected between January and June, 99.5% were associated with fake Zoom apps.
How should schools respond?
Despite schools and universities worldwide reopening their doors to students, digital learning continues to be an essential part of the way they operate – and these systems must be more resilient to attacks.
But although many organisations in the education sector know that they should be doing more, they might not know where to begin. That’s where our Cyber Security as a Service can help.
With this annual subscription service, our experts are on hand seven days a week to advise you on the best way to protect your organisation.
They’ll guide you through vulnerability scans, staff training and the creation of policies and procedures, which form the backbone of an effective security strategy.