Story image

Education prime target for cyber attacks, report finds

By Shannon Williams, Tue 22 Oct 2019
FYI, this story is more than a year old

Educational institutions and students around the world remain prime targets for cyberattacks, according to a new report conducted by Malwarebytes.

According to Malwarebytes, school and university networks often lack strong protection due to limited budgets and resources. As a consequence, connected devices remain a favoured point of entry for hackers, whether on institution-owned or BYOD devices, compromising systems and sensitive data.

In 2018, education was the top industry for Adware compromises, Trojan detections, and second on the list of verticals most commonly hit with ransomware. This trend continued in the first half of 2019 and is likely to continue to remain a threat for educational institutions in years to come.

Globally, in the first half of 2019, Trojans, Adware and Backdoors were the three largest categories of threats identified among education institutions:

Adware (43%)
Adware is unwanted software designed to throw advertisements up on screens, most often within a web browser. Typically, it uses an underhanded method to either disguise itself as legitimate, or piggyback on another program to trick the user into installing it on their PC, tablet, or mobile device.
Trojans (25%)
Trojans are often seen as a virus or a worm, but they're neither. Trojans use deception and social engineering to trick unsuspecting users into running seemingly benign computer programmes that hide malicious ulterior motives.
Backdoors (3%)
Unlike other cyberthreats that make themselves known to the user (i.e. ransomware), Backdoors are known for being discreet. They exist for a select group of people in the know to gain easy access to a system or application, and they are on the rise.

Malwarebytes Labs also detected that globally the .edu domain email addresses was increasingly being used on a wide array of other networks, increasing the risk of infection and harm to both the device and the institutions network when the device is brought back on campus.

"The digitisation of the education industry, and the rise of LMS and eLearning platforms represent fantastic opportunities for schools, universities and students," says Jeff Hurmuses, area vice president and managing director, Asia Pacific.

"But this also means more devices, both institutional-owned and student-owned connect to the network," he says.

"Students use an increasing number of devices - on campus, at home and on the go - connecting endpoints to both secure and unknown networks," Hurmuses says. 

"This increases the risks of devices being infected, putting the institutions corporate network and the students personal data at a greater risk of being compromised."

In fact, Malwarebytes found that devices plugged into the school networks (vs. school-owned devices) represented 1 in 3 compromises detected in H1 2019.

Trojans: a cyberthreat on the rise
Education was the top industry globally impacted by Trojans in 2018, and Malwarebytes Labs has identified this trend will continue to accelerate in 2019. In the first half of the year:  

Trojans represented almost 30% of all detections on institution-owned devices
Among devices plugging into the network, Trojans represent the single largest threat category, even above generic Malware and Adware detections

Amongst Australian education organisations, 21% of compromised non-institution-owned devices carried Trojans, much higher than other western countries such as Singapore (17%), or the UK (5%).

In this first half of 2019, Emotet, Trickbot and Trace have been particularly active in the education space globally, with the three representing nearly half of all Trojans detected (44 percent) and more than 11 percent of all compromises

According to Malwarebytes Labs, schools and universities across Australia need to brace themselves for a continuing onslaught of cyberattacks.

"Cybercriminals are opportunistic: the more devices connected to an education institutions network, the more data that is generated and therefore the more tempting the attack," explains Hurmuses. 

"The education sector often puts cybersecurity as a secondary item on their list of priorities, mostly due to limited budgets, lack of internal cybersecurity skills and outdated infrastructure," he says. 

"However, institutions need to understand that protecting endpoints is of utmost importance. It is paramount to prioritise investments in appropriate device protection solutions, and collaborate with students and their parents to raise awareness about basic endpoint cybersecurity hygiene."

Recent stories
More stories