In 2020, Check Point Software Technologies and other security researchers identified increased attacks against the schools and universities, in view of the opportunity to disrupt online education and potentially receive ransom payments. In the US, attacks in the education sector are mostly DDoS attacks, while in Europe there is an increase in information disclosures attempts – many of them resulting from ransomware incidents.
According to Terranova Security, the average number of attacks against US-based education organizations in August 2020 alone increased 30% month-over-month, compared to 6.5% across all sectors. The number of ransomware attacks against higher education institutions worldwide also doubled between 2019 and 2020.
A July 2020 report cited by Info Security Magazine claimed that 54% of UK universities had reported a data breach to regulators in the previous 12 months. The UK’s National Cyber Security Centre warned that the country’s universities would continue to be targeted in cyber attacks from nation-state entities and organized criminal gangs in the coming years. The Centre’s commented that universities sometimes avoid implementing measures that would improve their level of security but at the same time hamper the free flow of information, which leaves them more exposed to the theft of intellectual property.
A ransomware attack targeting Blackbaud, one of the world’s largest providers of education administration, fundraising, and financial management software, resulted in data stolen from at least 10 universities in the UK, USA and Canada, including the Universities of London, York, Leeds and Reading – along with other organizations.
In September 2020, a ransomware attack on the Hartford, Connecticut (USA) public school system forced the delay of the start of the school year. A DDoS attack targeting the Miami-Dade County Public Schools in Florida disrupted remote learning. Schools in New York, Oklahoma and Alabama also suffered attacks.
An attack in February 2021 on Simon Fraser University in British Columbia, Canada breached data and compromised personal information. 200,000 people were affected in the attack, which occurred a year after a previous attack, which affected 250,000 students, staff and alumni.
ACID Intelligence and DIP detect the plans cybercriminals aiming to steal information and disrupt learning activities, providing advance warning that allows thwarting attacks or mitigating their consequences and maintaining routine activity of the education system.