Security researchers at Check Point have seen a global increase in cyber-attacks against education and research institutions, after conducting a research study on organisations in the USA, Europe and Asia regions.
The USA saw the highest increase in education- and research-related attacks, according to Check Point researchers. In July and August 2020, the average number of weekly attacks per organisation in the USA education sector increased by 30%, from 468 cyber-attacks to 608, when compared to the previous two months. Cyber-attacks targeting all other sectors increased by only 6.5%.
The primary attack method against the USA education is distributed denial-of-service (DDoS) attacks. A DDoS attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. A recent example involved a teen hacker in Florida who paralysed the nation’s largest school districts for its first three days of virtual classes.
Information disclosure attempts
In Europe, there was also a substantial increase in the number of cyber-attacks
In Europe, there was also a substantial increase in the number of cyber-attacks, noticeably in the form of information disclosure attempts. The average number of weekly attacks per organisation in the European academic sector in July-August increased by 24% from 638 to 793 in the previous two months. The general increase in the number of attacks against all other sectors in Europe was just 9%.
Information disclosure attempts are a type of attack aimed at acquiring system specific information about a web site, including software distribution, version numbers and patch levels. The acquired information might also contain the location of backup files or temporary files. Most web sites will disclose some amount of information. The more information that an attacker learns about a web site, the easier the system will be to compromise.
Asian education sector
In Asia, the increase in attacks was seen mainly in several types of vulnerability exploits: Denial of Service, Remote Code Execution and Information Disclosure.
During July and August 2020, the average weekly attacks per organisation in the Asian education sector increased by 21%, from 1322 to 1598, when compared to the previous two months. The general increase in the number of attacks against all sectors in Asia was only 3.5%.
Targeting virtual classes
I strongly urge students, parents and institutions to be extra careful these next few months"
Omer Dembinsky, Manager of Data Intelligence at Check Point said: “The coronavirus pandemic has forced the transition to remote work and remote learning. These attack numbers show an ominous trend: hackers are eyeing students returning to virtual classes as easy targets. These attacks can include malicious phishing emails, “Zoombombs” and even ransomware. The recent cyber attack on the Miami-Dade public school system is just one example. Human beings are always the weakest link when it comes to cyber security. I strongly urge students, parents and institutions to be extra careful these next few months, as I believe the attack numbers and methods will only get worse. As remote learning stays, hackers also stay.”
Check Point researchers have provided the following security tips for students, parents and schools:
Tips for Students
- Cover one’s webcam. Turn off or block cameras and microphones when class is not in session. Also, be sure that no personal information is in the camera view.
- Only click on links from trusted sources. When in the remote school collaboration platform, only click on links that are shared by the host or co-hosts, when directed to do so.
- Login directly. Always be sure to log in directly to one’s schools’ remote school portals; do not rely on email links, be aware of lookalike domains on public tools.
- Use strong passwords. Hackers often attempt to crack passwords, especially short and simple ones and adding complexity into one’s password prevents that.
- Never share confidential information. Students should not be asked to share confidential information via online tools. They should keep all personal information off cloud storage platforms.
Tips for Parents
- Talk to one’s kids about phishing. Teach one’s children to never click on links in email messages before they first check with oneself.
- Call out cyberbullying. Explain to one’s children that hurtful comments or pranks delivered online are not OK. Tell them that they should immediately come to you if they experience or see someone else experience cyberbullying.
- Explain that devices should never go unattended. Your kids will need to understand that leaving a device for unwanted hands can be detrimental. Hackers can login to one’s devices assume one’s child’s identity online.
- Set parental controls. Set the privacy and security settings on websites to one’s comfort level for information sharing.
- Increase awareness. Cybersecurity literacy is an important skill set, even for the youngest schoolchildren. Invest the time, money and resources to ensure one’s child is aware on cyber security threats and precautions.
Tips for Schools
- Get anti-virus software. Make sure one’s children’s laptops and other devices are protected by antivirus software prevents them from accidentally downloading malware. Turn on automatic updates for that anti-virus software.
- Establish a strong online perimeter. Schools should establish strong boundary firewalls and internet gateways to protect school networks from cyber-attacks, unauthorized access and malicious content.
- Check third party providers thoroughly. Schools should ensure they vet thoroughly all third party platform providers they use.
- Monitoring the system, constantly. Schools must monitor all of their systems continuously and analyse them for unusual activity that could indicate an attack.
- Invest in online cyber security education. Ensure that members of staff understand the risks. Conduct regular sessions for students so they are aware of the latest cyber security threats.