Analysis: Online Attacks Hit Education Sector WorldwideCheck Point Researchers Identify Increases in DDoS Attacks, Other Threats
Check Point Research analysts have observed a significant rise in online attacks against the educational sector worldwide since July.
The U.S. faces a rise in distributed denial-of-service attacks, while Europe is seeing an increase in information disclosures attempts - many of them resulting from ransomware incidents, the researchers say. Meanwhile, in Asia, cybercriminals are taking advantage of vulnerabilities in the IT systems that support schools and universities to wage a variety of attacks.
DDoS and other attacks are surging because threat actors see an opportunity to disrupt schools resuming online education and potentially earn a ransom for ending an attack, according to Check Point and other security researchers.
"Distributed denial-of-service attacks are on the rise and a major cause of network downtime,” the new Check Point report notes. “Whether executed by hacktivists to draw attention to a cause, fraudsters trying to illegally obtain data or funds or a result of geopolitical events, DDoS attacks are a destructive cyber weapon. Beyond education and research, organizations from across all sectors face such attacks daily."
In the U.S., the Cybersecurity and Infrastructure Security Agency has warned of an increase in targeted DDoS attacks against financial organizations and government agencies (see: CISA Warns of Increased DDoS Attacks).
As of Aug. 18, 20 of the 25 largest U.S. school districts have moved entirely to online platforms for instruction, which equates to about 4.3 million students learning remotely, according to a report by Education Week.
Check Point researchers found that, in the U.S., the average number of attacks against educational organizations increased 30% to 608 per week in August, compared to July. When all sectors are considered, attacks rose 6.5%.
Check Point says the majority of the U.S. increase is due to DDoS attacks. One such attack led Miami-Dade County Public Schools in Florida to cancel online classes for 200,000 students on Sept. 2 (see: Ransomware and DDoS Attacks Disrupt More Schools).
European educational institutions are also facing more cyberthreats, with surges in ransomware incidents and attempted information disclosures, rather than DDoS attacks, according to the report.
Check Point says the average number of attacks against educational organizations was 793 per week in August, up 24% from the previous month, while the average increase across all sectors stood at about 9%.
On Aug. 30, Newcastle University in the U.K. reportedly was targeted in a cyber incident that crippled its IT systems.
On Thursday, Britain's National Cyber Security Centre released a report that found ransomware attacks against schools and universities had increased in August.
"The NCSC dealt with several ransomware attacks against education establishments in August, which caused varying levels of disruption, depending on the level of security [these] establishments had in place," according to the report.
Meanwhile, in Asia, hackers are exploiting IT system vulnerabilities that open the door to DDoS attacks, remote code execution and information disclosures, Check Point reports. Across the continent, attacks targeting educational organizations surged 21% in August, compared to July. When all sectors are considered, attacks increased only 3.5%, Check Point says.
Malicious Activities Rising
A report released by security firm Kaspersky earlier this year noted DDoS attacks affecting educational resources between January and June were up 350% compared to the same period a year ago.
"And a large portion of that increase can be attributed to the growing number of attacks against distance e-learning services," according to Kaspersky.
In a report earlier this month, Check Point found that, between May and August, suspected hackers registered over 35,000 domains with back-to-school themes, with 512 considered malicious and 3,400 tagged as suspicious.