The digital transformation across industries has been an ongoing process for some years now and education and research business were amongst the early adopters using digital platforms for delivery courseware and conducting examinations. However, these enterprises also bore the brunt of cybercrime as is evident from a recent report.
The latest report from Check Point Research (CPR) reveals that education and research as a sector saw the most cyber attacks compared with other industries. In fact, the disparity between this sector and the rest of the field is also quite large. In 2023, the sector saw an average of 2256 cyber attacks per company.
This reflects a slight decrease of 1% compared to the same period last year. However, despite this small decline, it is remarkable that the Education/Research sector still exhibits the highest rate of cyberattacks among all industries, which is a significant contrast,
What’s behind this growing trend?
The data shown here underscores the vulnerability of the education and research sector to cybercriminals. What are the reasons behind this trend? Why does this sector stand out as a preferred target? One explanation is the pervasive digitalisation within the sector and its heavy reliance on online platforms for various purposes such as studying, teaching, and testing.
The proliferation of digitisation provides ample opportunities for attackers to exploit and amplify their attacks. Moreover, educational organizations store extensive amounts of sensitive student information, including personal and financial records, making them enticing targets for malicious actors.
In May it was widely reported that several U.S. Schools, colleges and universities have been impacted by ransomware attacks, causing severe disruption. Closer home, we had reported the instance of a data breach at India’s highest valued edtech company Byju’s that could have potentially led to exposing personal data of up to a million students.
How do the regions stack up on this front?
So far in 2023, the APAC region recorded the highest rate of weekly cyberattacks per education organization, with a weekly average of 4,529 attacks. Europe experienced the highest change compared to the same period last year, with an 11% increase year on year.
How to remain protected against cyberattacks
- Educate and train: First and foremost, educating and training your workforce to take security precautions to prevent a breach from occurring.
- Robust Data Backup: A robust, secure data backup solution is an effective way to mitigate the impact of a ransomware attack. If systems are backed up regularly, then the data lost to a ransomware attack should be minimal or non-existent. However, it is important to ensure that the data backup solution cannot be encrypted as well.
- Up-to-Date Patches: Keeping computers up-to-date and applying security patches, especially those labeled as critical, can help to limit an organization’s vulnerability to ransomware attacks as such patches are usually overlooked or delayed too long to offer the required protection.
- Anti-Ransomware Solutions: Anti-ransomware solutions monitor programs running on a computer for suspicious behaviors commonly exhibited by ransomware, and if these behaviors are detected, the program can take action to stop encryption before further damage can be done.
- Utilize better threat prevention: Most ransomware attacks can be detected and resolved before it is too late. You need to have automated threat detection and prevention in place in your organization to maximize your chances of protection.
Check Point shared an example of a phishing attack where criminals posted as a large US university sent out emails from an unrelated domain with a subject line that asked receivers to explore their programs for further educational opportunities. They showed data from an ed-tech company to make the email appear genuine.
Recipients who clicked on the application link that led a website from where the criminals captured user data and personal details. However, several security vendors issued a timely alert on the malicious website which could have potentially stolen user data and performed online transactions on other websites.
