AMP AMP

Schools are the most common cybercrime targets - ESET

Educational institutions are found to be the most sought after sector for cyber criminals, if the reports from ESET are to be believed.

The main reason that these organization target schools, both higher education and local, is they can hack all types of data in one place such as health care information, student and employee personally identifiable information (PII), and even payment card data and research, says ESET researcher Lisa Myers.

The number of comprised records that has led to this is not fully known.

“ According to the Privacy Rights Clearinghouse, there were only 19 breaches in the education sector in 2016, comprising fewer than 65,000 records. But of these 19 breaches, 11 report an unknown number of records accessed, so their totals were not included,” Myers said. Also, there were five other incidents in which an additional 613,000 records were breached, “ information which is not included in the report,” Myers further added.

Since the beginning of this year, there is a steady rise in the number of attacks and the cyber criminals not only target worker tax PI but also the students as they are not immune to these attacks.

To overcome the threats posed by the cyber criminals, Myers suggests a few of basic security steps such as updating installed software, networking segmentation, require stronger authentication and encryption.

“ With research showing that 52% of data breaches as a result of user error, it is important to make it mandatory for employees to take part in some sort of cyber education,” Myers wrote.

She also further added that staffers should supervise and check whether they function in a safe way, if so they should be rewarded.

FAQ
Q
what is meant by Ransomware?
A
Ransomware is one of the most impactful and widespread threats today. Education has been the number one target of ransomware attacks over the past couple of years. Education accounted for almost 1/4 of all ransomware attacks in 2016 according to a threat report from Kaspersky Security Bulletin. Outpacing every other industry on the planet, it is no secret that ransomware is a threat to education.
Q
what is Phishing?
A
Phishing campaigns often target average employees who have no specialized cybersecurity knowledge and who only use online technology incidentally in the course of their duties. For example, unsolicited emails with infected attachments are often sent to HR departments.
Q
what is Cryptomining Malware?
A
In schools specifically, we have recently seen cryptomining malware becoming more common than ransomware by a large margin in a very short period of time. According to Checkpoint, the frenzy of cryptocurrency mining has caused a “frenzy” of this malware to hit the internet in droves. This malware isn’t always as immediately detrimental to a school or business as other types of cyberattacks. Cryptomining malware slows networks down to a crawl and shortens the lifespan of computing systems.
Q
what are Three Major Types of Cybercrime Hitting School Districts?
A
Three Major Types of Cybercrime Hitting School Districts are
1. Ransom and Extortion
2. Phishing
3. Cryptomining Malware
Q
How Schools Become Targets?
A
For all of our customer’s networks that we monitor, including school districts, we are constantly seeing malicious bots scanning public-facing systems for vulnerabilities. Public-facing systems are any systems that can be accessed publicly through the internet. The malicious bots are built to report what is vulnerable or automatically exploit these systems, then hand control over to their commander.