CYBERSECURITY | Education, research experience high volume of cyber attacks

Cyber criminals are seeking to capitalize on remote learning by targeting people of schools, universities and research centers who log-in from home using their personal devices.

In 2020, the COVID-19 pandemic forced organizations to pivot suddenly to a mostly remote workforce.

Within a matter of weeks, organizations that had no existing telework programs needed to adapt and update their infrastructure so that their employees, partners and users could work from home. It is now mid-2021, and the end of the pandemic is nowhere in sight, with organizations in many sectors having to deal with an increasingly active and complex threat landscape.

Cyber-experts at Check Point Research (CPR) observed a steady increase in the average number of cyberattacks per organization weekly, with the education and research sector showing a higher number of attacks than other sectors

In July 2021, according to CPR, there was a 29% increase in attacks against organizations in the education sector compared to first half of the year.

By region, organizations in education and research sectors in South Asia most targeted, followed by East Asia and Australia/New Zealand.

By country, Indian education organizations are the most targeted, followed by those in Italy and Israel

CPR also reported that since mid-2020, their cyber security experts were seeing a steady increase in the weekly number of cyberattacks per organization globally, with the education and research sectors being impacted at a higher rate than others.

In particular, organizations in the education and research sector are finding themselves engaged in a cyber security battle like never before. This includes schools, universities and research facilities. Most recently, the Department of Education in Australia’s New South Wales reported that it experienced a cyberattack which resulted in many of their online platforms shutting down, just days before remote learning was to commence in the new school term.

In fact, in July 2021, education and research were the sectors that experienced the highest volume of attacks, with an average of 1,739 attacks per organization weekly. This was a 29% increase from the first half of 2021. The only sector which made a higher change from the first half of 2021 was Leisure, at 51%, as one might expect during the summer months.

Most targeted countries

By country, in July 2021, organizations in the education and research sectors in India experienced the highest volume of attacks with an average of 5,196 attacks weekly per organization. This is a 22% increase from the first half of 2021.

This is followed by Italy, which had an average of 5,016 attacks weekly per organization (70% increase); Israel, with 4,011 attacks weekly (51% increase); and Australia, with 3,934 attacks weekly (17% increase). An increase in the number of attacks weekly per organization compared to the first half of the year in various countries.

In more than half of the countries in the list, education and research were the most attacked sectors and in 94% of them, it is in the top 3 most attacked sectors.

By region, organizations in the education and research sectors in South Asia currently experience the highest volume of attacks with an average of 5,084 attacks weekly per organization. This is a 23% increase compared to the first half of the year. This is followed by East Asia with 3,873 attacks (79% increase) and ANZ with 3,684 attacks (17% increase).

Tips to stay protected

Passwords matter: it is a good idea to review and strengthen passwords that you use for logging onto remote resources, such as email or work applications.

Be phishing-aware: be wary of clicking on links that look in any way suspicious and only download content from reliable sources that can be verified. Remember that phishing schemes are a form of social engineering so if you receive an email with an unusual request, check the sender’s details carefully to make sure that you are communicating with colleagues, not cyber criminals.

Reduce attack surface: A common approach in information security is to reduce the attack surface. For endpoints, you need to take full control of peripherals, applications, network traffic, and your data. You need to encrypt data when it is in motion, at rest, and in use. It is also important to make sure you enforce your corporate policies to achieve endpoint security compliance

Anti-ransomware technology allows you to detect signs of ransomware and uncover running mutations of known and unknown malware families by using behavioral analysis and generic rules

Contain and remediate: Contain attacks and control damage by detecting and blocking command and control traffic and prevent the lateral movement of malware by isolating infected machines. You can then remediate and sterilize your environment by restoring encrypted files, quarantining files, kill processes, and sterilizing the full attack chain.

Today more than ever, endpoint security plays a critical role in enabling remote workforce, that could provide comprehensive protection at the highest security level, crucial to avoid security breaches and data compromise.

Leave a Reply

Your email address will not be published. Required fields are marked *