search

Education sector sees 29% global increase in cyberattacks, Check Point reports

India suffers highest volume of weekly attacks on education and research facilities, followed by Italy and Israel

Ricky Ben-David is The Times of Israel’s Startups and Business editor and reporter.

An illustrative image of computer popup box screen warning of a system being hacked; hackers, cybersecurity attack (solarseven; iStock by Getty Images)
An illustrative image of computer popup box screen warning of a system being hacked; hackers, cybersecurity attack (solarseven; iStock by Getty Images)

Israel’s Check Point Software Technologies Ltd., a maker of cybersecurity firewalls, reported a noted increase on Sunday in the weekly number of cyberattacks targeting companies and organizations in the global education sector.

With the COVID-19 pandemic forcing everyone online, “organizations in the education and research sector are finding themselves engaged in a cyber security battle like never before,” the company said in a report released on Sunday.

The targets include schools, universities, and research facilities, with an average of 1,739 attacks per organization weekly in July 2021, a 29 percent increase compared to earlier in the year. In fact, the education sector is the most targeted industry for malware and ransomware attacks in 2021. The most recent high-level, large-scale attack occurred in Australia last month when the Department of Education in New South Wales reported a cyberattack that resulted in many of its online platforms shutting down. The attack took place days before remote learning was to commence in the new school term.

Overall, India experienced the highest volume of attacks with an average of 5,196 attacks weekly per education or research organization. This marked a 29 percent increase from the first half of 2021, Check Point reported. Italy followed with 5,016 attacks weekly per organization, a 70% increase, and Israel came in third, according to the findings, with 4,011 weekly attacks, an increase of 51%.

The researchers who ran the study said they attribute the global increase to the vulnerability of educational and research institutes whose online platforms and remote connections for large numbers of pupils and students create new, often unprotected entry points for cybercriminals into the system. They exploit unpatched bugs or weak passwords, as well as unprotected, remote endpoints to gain entry.

Traditionally, the education sector has invested less than other industries in cyber protection even though it manages extensive and often sensitive information about students, faculty, and other academic staff, the Check Point researchers noted in the report.

A graph showing the average weekly number of attacks on organizations in the education/research sector by region, August 2021. (Image: Check Point)

In June, the UK’s National Cyber Security Centre (NCSC) published a report highlighting an uptick in investigations into ransomware attacks on educational institutes.

“Ransomware attacks can have a devastating impact on organizations, with victims requiring a significant amount of recovery time to reinstate critical services,” the NCSC said. These events can also be high profile in nature, with wide public and media interest.”

“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records as well as data relating to COVID-19 testing,” the agency added.

The FBI’s Cyber Division also issued a warning recently saying ransomware poses a huge risk for higher education. The Cyber Division specifically detailed a type of attack called PYSA, also known as Mespinoza, in which attackers activate malware capable of exfiltrating data and encrypting users’ critical files stored on their systems, rendering them inaccessible, after which they ask for a ransom payment to decrypt the affected files.

A surge in smart ransomware attacks

The new Check Point study came a month after the company reported a 93% surge in global ransomware attacks, as large-scale, multi-vector attacks that infect multiple components are the “new norm.”

“We’ve seen a 93 percent increase in ransomware attacks, as Gen V attacks are now the new norm,” Gil Shwed, the founder and CEO of the cybersecurity firm, said in July as the company presented its second-quarter results.

Generation V attacks, which two years ago were considered rare, have become extremely common today, Shwed said at a press conference in Tel Aviv while presenting the financial results. Gen V attacks are large-scale, multi-vector attacks, aimed at infecting a number of components, including networks, the cloud, and all kinds of connected devices.

Over 1,210 organizations globally are impacted weekly by Gen V attacks, Shwed said, with Latin America and Europe seeing the largest increase.

read more:
comments
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed