According to a report titled ‘Cyber Threats Targeting the Global Education Sector’, India is the biggest target of cyber threats to educational institutions and online platforms followed by the USA, the UK, Indonesia and Brazil. The key triggers that enlarged the attack surface includes the adoption of remote learning during the Covid-19 pandemic, digitisation of education, and prevalence of online learning platforms.
The report also claimed that data shows a 20% increase in cyber threats to the global education sector in the first three months of 2022 when compared to the corresponding period of 2021.
“Of the threats detected in Asia and Pacific last year, 58% of them were targeted at Indian or India based educational institutions and online platform. Indonesia was distant second being the target of 10% cyber threats. This included attacks on BYJU’s, IIM Kojhikode and Tamil Nadu’s Directorate of Technical Education,” the report said.
The report findings indicate that several cybercriminals are actively leaking databases, accesses, vulnerabilities and exploits, and other information belonging to educational institutions, on cybercrime forums.
“Databases and accesses are the most commonly sought after data types. The databases leaked from educational institutions primarily contain information Personally Identifiable Information (PII) of students and their families, including name, date of birth, email address, phone number, and physical address; website user records and credentials and examination results and scores,” it said.
“Overall, the USA was the second most affected country across the globe with a total of 19 recorded incidents, accounting for 86%of the threats in North America. These include ransomware attacks on prestigious institutions such as Howard University and University of California. In addition, high-risk API vulnaribilities were uncovered in Coursera, the massive open online course provider,” the report added.
The report has been compiled by the Threat Research and Information Anayltics Division of CloudSEK, a Singapore-based AI-driven Digital Risk Management Enterprise.
The experts have asserted in the report that given the size and impact of the education sector, it is critical for institutions, students, parents, teachers, and the government to ensure that the information gathered and stored is not leaked and exploited by cybercriminals.
Creating awareness among users regarding cyber-attacks, online scams, and phishing campaigns; enacting strong password policies and enable multi-factor authentication (MFA); updating and patching software, systems, and networks on a regular basis; maintaining multiple backups, both online and offline, in separate and secure locations; monitoring logs for unusual traffic and activity to websites and other applications are among the recommendations made in the report. “The institutions should block illegitimate IP addresses and deactivate port forwarding using network firewalls. They should perform real-time monitoring of the internet to identify and mitigate low-hanging threats, such as misconfigured apps, exposed data, and leaked accesses, that are leveraged by cybercriminals to carry out large scale attacks.
“The students, parents, faculty, and staff should avoid clicking on suspicious emails, messages and links; not download or install unverified apps; use strong passwords and enable multi-factor authentication (MFA) across accounts,” the report added.