India is the biggest target of cyber threats to educational institutions and online platforms followed by the USA, the UK, Indonesia and Brazil, according to a report.
The report also says that the adoption of remote learning during the Covid-19 pandemic, digitisation of education, and prevalence of online learning platforms are key triggers that enlarged the attack surface.
The report, titled “Cyber Threats Targeting the Global Education Sector”, also claimed that data shows a 20 per cent increase in cyber threats to the global education sector in the first three months of 2022 when compared to the corresponding period of 2021.
The report has been compiled by the Threat Research and Information Analytics Division of CloudSEK, a Singapore-based AI-driven Digital Risk Management Enterprise.
CloudSEK’s XVigil platform scours thousands of sources (across the surface, deep and dark web) to detect cyber threats, data leaks, brand threats and identity thefts.
“Of the threats detected in Asia and Pacific last year, 58 per cent of them were targeted at Indian or India based educational institutions and online platforms. Indonesia was distant second being the target of 10 per cent of cyber threats. This included attacks on BYJU’s, IIM Kozhikode and Tamil Nadu’s Directorate of Technical Education,” the report said.
“Overall, the USA was the second most affected country across the globe with a total of 19 recorded incidents, accounting for 86 per cent of the threats in North America. these include ransomware attacks on prestigious institutions such as Howard University and the University of California. In addition, high-risk API vulnerabilities were uncovered in Coursera, the massive open online course provider,” it added.
According to Darshit Ashara, Principal Threat Researcher at CloudSEK, the growing global education and training market both online and offline, is expected to reach USD 7.3 trillion by 2025.
“This promising outlook is predicated on the expanding education technology market, population growth and increasing digital penetration in developing countries. Hence, it’s no surprise that cybercriminals are gravitating towards entities and institutions in the sector,” he said.
Adoption of remote learning by schools, universities and related entities to combat the disruption caused by the ongoing Covid-19 pandemic; large-scale digitisation of educational content material, student data and documents and online learning platforms catering to the needs of everybody ranging from preschool children to retired professionals are among the reasons listed in the report, behind the trend.
The report findings indicate that several cybercriminals are actively leaking databases, accesses, vulnerabilities and exploits, and other information belonging to educational institutions, on cybercrime forums.
“Databases and accesses are the most commonly sought after data types. The databases leaked from educational institutions primarily contain information Personally Identifiable Information (PII) of students and their families, including name, date of birth, email address, phone number, and physical address; website user records and credentials and examination results and scores,” it said.
The experts have asserted in the report that given the size and impact of the education sector, it is critical for institutions, students, parents, teachers, and the government to ensure that the information gathered and stored is not leaked and exploited by cybercriminals.
Creating awareness among users regarding cyber-attacks, online scams, and phishing campaigns; enacting strong password policies and enabling multi-factor authentication (MFA); updating and patching software, systems, and networks on a regular basis; maintaining multiple backups, both online and offline, in separate and secure locations; monitoring logs for unusual traffic and activity to websites and other applications are among the recommendations made in the report.
“The institutions should block illegitimate IP addresses and deactivate port forwarding using network firewalls. They should perform real-time monitoring of the internet to identify and mitigate low-hanging threats, such as misconfigured apps, exposed data, and leaked accesses, that are leveraged by cybercriminals to carry out large scale attacks.
“The students, parents, faculty, and staff should avoid clicking on suspicious emails, messages and links; not download or install unverified apps; use strong passwords and enable multi-factor authentication (MFA) across accounts,” the report added.