Education Sector Experienced Highest Volume of Cyber Attacks in July   

As back-to-school begins, Check Point Research (CPR) found the education sector to have the highest volume of cyber attacks for the month of July. Cyber criminals are seeking to capitalize on the short-notice shift back to remote learning driven by the Delta variant, by targeting people of schools, universities and research centers who log-in from home using their personal devices.

• Global education sector saw a 29% increase in cyber attacks, and an average of 1,739 attacks a week, in July, compared to first half of 2021
• Top 5 most attacked countries were India, Italy, Israel, Australia and Turkey
• UK region experienced a 142% increase in weekly cyber attacks on its education sector; East Asia region marked a 79% increase

Check Point Research (CPR) sees an increase in cyberattacks against the global education sector, as back-to-school season gets underway. During the month of July, the education sector experienced the highest volume of cyber attacks compared to other industry sectors that CPR tracks, with an average of 1,739 cyber attacks documented per organization each week, marking a 29% increase from the first half of 2021.

Most Targeted Countries: India, Italy, Israel, Australia and Turkey

The table below shows the number of weekly cyber attacks in July on the education sectors for India, Italy, Israel and Australia, as well as the percent increases compared to the first half of 2021.

Figure 1: Weekly attacks per organizations by country  (July 2021 compared to first half of 2021)

In more than half of the countries studied by CPR, the education sector is the most attacked sector, and in 94% of them, the education sector is in the top three most attacked sectors.

Asia Leads

By region, organizations in the education sector in South Asia experienced the highest volume of attacks.

Quote: Sundar Balasubramanian (Managing Director, Check Point Software Technologies, India & SAARC)

We found that the education sector in India was attacked significantly more compared to other industries in the month of July 2021. Schools, universities and research centers make for attractive targets to cyber criminals because they are often under resourced from a security perspective. The short-notice, on-and-off shift to remote learning exacerbates the security risk. With so many students logging on from their home networks using their personal devices, the current school season presents a range of new security threats that many aren’t prepared to address. Organizations in the Indian education sector should be proactive in their protection strategies. It’s important to constantly change and strengthen your passwords and use technologies that prevent cyberattacks, such as ransomware

Cyber Safety Tips for Academia, Staff and Students

• Strengthen passwords. Passwords matter – it is a good idea to review and strengthen passwords that you use for logging onto remote resources, such as email or work applications.
• Be phishing-aware: be wary of clicking on links that look in any way suspicious and only download content from reliable sources that can be verified. Remember that phishing schemes are a form of social engineering so if you receive an email with an unusual request, check the sender’s details carefully to make sure that you are communicating with colleagues, not cyber criminals.
• Reduce attack surface: A common approach in information security is to reduce the attack surface. For endpoints, you need to take full control of peripherals, applications, network traffic, and your data. You need to encrypt data when it is in motion, at rest, and in use. It is also important to make sure you enforce your corporate policies to achieve endpoint security compliance
• Use Anti-ransomware. This technology allows you to detect signs of ransomware and uncover running mutations of known and unknown malware families by using behavioral analysis and generic rules
• Contain and remediate. Contain attacks and control damage by detecting and blocking command and control traffic and prevent the lateral movement of malware by isolating infected machines. You can then remediate and sterilize your environment by restoring encrypted files, quarantining files, kill processes, and sterilizing the full attack chain.