Cybersecurity for educational institutions – it’s always exam time
Hardik Modi, AVP engineering, threat and mitigation products at NETSCOUT, discusses insights from the 15th annual worldwide Infrastructure Security Report
Educational institutions have made strong investments in technology over the years, both to drive efficiency and productivity, as well as to enable new services – online testing, homework, teaching and administration. As natural users and innovators in advanced technology, they are also natural targets for online crime with many obvious motivations. While intellectual property theft remains a key target, something we observe at NETSCOUT is the threat to the availability of educational services. The use of DDoS against educational services is particularly rife.
In our recently published NETSCOUT Threat Intelligence Report, we revealed that we had observed 8.4 million DDoS attacks in 2019. It’s worth noting that at least 186,000 of these were reported against educational services worldwide. Below are monthly breakdowns for attack frequency as well as the largest attacks by volume that we saw targeting educational services last year. These details are available for review at NETSCOUT Cyber Threat Horizon – a free resource with live attack data.
Monthly DDoS attack count seen against Educational Services in 2019. Source: NETSCOUT
Largest DDoS attack by volume seen against Educational Services in 2019. Source: NETSCOUT
The following things stand out to me when I look into the data:
The attack frequency maps clearly to the global educational calendar, with a large part of the world’s population taking breaks during the summer in the northern hemisphere.
Looking at the types of attacks involved, it represents the full gamut of DDoS techniques, including new ones that first came to light in 2019. We reported on seven new attack vectors first observed in volume last year, demonstrating the level of innovation that’s driving trends across the attack landscape.
Outside of the data, we’ve had the opportunity to protect a few educational institutions against DDoS attacks worldwide and have come away with the following observations:
The attacks we saw were timed to coincide with key examinations that were administered online. While we could thwart those specific attacks, it was clear to us that the attacker didn’t go away until that period of exams had concluded.
In more than one instance, the systems used to launch the attack involved computing resources from other educational institutions. This doesn’t necessarily mean that the attacker had anything to do with that other institution, but the computer and network capacity often present at educational institutions make them attractive to use in attacks.
Of course, students aren’t the only, or perhaps even the main, threat to educational systems. Nation-state actors have been targeting higher education for a long time, primarily with a view to stealing the intellectual property often uniquely present there. Just over a year ago, NETSCOUT reported on a campaign we called STOLEN PENCIL, in which suspected North Korean actors had gained persistent access to range of universities and think tanks across North America.
Another cause for concern in educational services is the widespread proliferation of Internet of Things (IOT) devices. Colloquially, I take this to mean any non-standard computing device that connects to the network – think printers, IP-enabled video cameras, digital whiteboards, etc. These are often the basis for DDoS attacks worldwide today because of the poor security practices associated with many of them, as well as the sheer volume at which they are being deployed. Our research has shown that the malware family called Mirai has been extended to cover an ever wider set of device types, greatly expanding the potential scale of attacks that involve these devices.
Given this, it’s fair to say that educational services have to be vigilant against the cybersecurity threat. Strong network segmentation, best-of-breed DDoS protection and continuous monitoring are critical ingredients to ensuring that such services can be delivered in a safe and consistent manner.
Blended learning – Did we forget about the students?
Free Education Webinar with Class
Wednesday, June 15, 11AM London BST
Join our expert panel as we look at what blended learning means in 2022 and how universities can meet the needs of ever more diverse student expectations.
Advertisement / Google
Advertisement / Google
Cybersecurity for educational institutions – it’s always exam time
Staff
Educational institutions have made strong investments in technology over the years, both to drive efficiency and productivity, as well as to enable new services – online testing, homework, teaching and administration. As natural users and innovators in advanced technology, they are also natural targets for online crime with many obvious motivations. While intellectual property theft remains a key target, something we observe at NETSCOUT is the threat to the availability of educational services. The use of DDoS against educational services is particularly rife.
In our recently published NETSCOUT Threat Intelligence Report, we revealed that we had observed 8.4 million DDoS attacks in 2019. It’s worth noting that at least 186,000 of these were reported against educational services worldwide. Below are monthly breakdowns for attack frequency as well as the largest attacks by volume that we saw targeting educational services last year. These details are available for review at NETSCOUT Cyber Threat Horizon – a free resource with live attack data.
The following things stand out to me when I look into the data:
Outside of the data, we’ve had the opportunity to protect a few educational institutions against DDoS attacks worldwide and have come away with the following observations:
Of course, students aren’t the only, or perhaps even the main, threat to educational systems. Nation-state actors have been targeting higher education for a long time, primarily with a view to stealing the intellectual property often uniquely present there. Just over a year ago, NETSCOUT reported on a campaign we called STOLEN PENCIL, in which suspected North Korean actors had gained persistent access to range of universities and think tanks across North America.
Another cause for concern in educational services is the widespread proliferation of Internet of Things (IOT) devices. Colloquially, I take this to mean any non-standard computing device that connects to the network – think printers, IP-enabled video cameras, digital whiteboards, etc. These are often the basis for DDoS attacks worldwide today because of the poor security practices associated with many of them, as well as the sheer volume at which they are being deployed. Our research has shown that the malware family called Mirai has been extended to cover an ever wider set of device types, greatly expanding the potential scale of attacks that involve these devices.
Given this, it’s fair to say that educational services have to be vigilant against the cybersecurity threat. Strong network segmentation, best-of-breed DDoS protection and continuous monitoring are critical ingredients to ensuring that such services can be delivered in a safe and consistent manner.
You might also like: E-learning technologies: new opportunities or stumbling blocks for education?
Advertisement / Google
How innovation is smashing digital learning barriers
A year ago, Unicef announced that more than one billion children were at risk of…
Aston University to offer scholarships for computer-based courses to help bridge the digital divide
Aston University has received £120,000 from The Access Foundation to fund 24 UK student scholarships on…
Will the metaverse send education into a new dimension?
Steve Kaufmann: ‘Language learning with the internet is endless’
EyUp guarantees graduates jobs, or their money back
Recoding education: Why the time for change is now