Education sector sees 29% global increase in cyberattacks

The targets include schools, universities, and research facilities, with an average of 1,739 attacks per organization weekly in July 2021, a 29 percent increase compared to earlier in the year. In fact, the education sector is the most targeted industry for malware and ransomware attacks in 2021. The most recent high-level, large-scale attack occurred in Australia last month when the Department of Education in New South Wales reported a cyberattack that resulted in many of its online platforms shutting down. The attack took place days before remote learning was to commence in the new school term.

Overall, India experienced the highest volume of attacks with an average of 5,196 attacks weekly per education or research organization. This marked a 29 percent increase from the first half of 2021, Check Point reported. Italy followed with 5,016 attacks weekly per organization, a 70% increase, and Israel came in third, according to the findings, with 4,011 weekly attacks, an increase of 51%.

The researchers who ran the study said they attribute the global increase to the vulnerability of educational and research institutes whose online platforms and remote connections for large numbers of pupils and students create new, often unprotected entry points for cybercriminals into the system. They exploit unpatched bugs or weak passwords, as well as unprotected, remote endpoints to gain entry.

Traditionally, the education sector has invested less than other industries in cyber protection even though it manages extensive and often sensitive information about students, faculty, and other academic staff, the Check Point researchers noted in the report.

In June, the UK’s National Cyber Security Centre (NCSC) published a report highlighting an uptick in investigations into ransomware attacks on educational institutes.

“Ransomware attacks can have a devastating impact on organizations, with victims requiring a significant amount of recovery time to reinstate critical services,” the NCSC said. These events can also be high profile in nature, with wide public and media interest.” “In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records as well as data relating to COVID-19 testing,” the agency added.

The FBI’s Cyber Division also issued a warning recently saying ransomware poses a huge risk for higher education. The Cyber Division specifically detailed a type of attack called PYSA, also known as Mespinoza, in which attackers activate malware capable of exfiltrating data and encrypting users’ critical files stored on their systems, rendering them inaccessible, after which they ask for a ransom payment to decrypt the affected files.

A surge in smart ransomware attacks

The new Check Point study came a month after the company reported a 93% surge in global ransomware attacks, as large-scale, multi-vector attacks that infect multiple components are the “new norm.” “We’ve seen a 93 percent increase in ransomware attacks, as Gen V attacks are now the new norm,” Gil Shwed, the founder and CEO of the cybersecurity firm, said in July as the company presented its second-quarter results.

Generation V attacks, which two years ago were considered rare, have become extremely common today, Shwed said at a press conference in Tel Aviv while presenting the financial results. Gen V attacks are large-scale, multi-vector attacks, aimed at infecting a number of components, including networks, the cloud, and all kinds of connected devices.

Over 1,210 organizations globally are impacted weekly by Gen V attacks, Shwed said, with Latin America and Europe seeing the largest increase.

Ricky Ben-David