What cyberthreats does the education sector face?

Unique cybersecurity threats are being faced by the education sector, according to a new report.

Released by Trustwave, the 2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies report explores industry-specific risks and equips cybersecurity leaders in the education sector with actionable insights and strategies to strengthen their defences.

Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for cyber attacks. These attacks not only threaten the safety and security of teachers and administrators, but they put the privacy of students, staff and other associated entities at risk.

Trustwave SpiderLabs’ latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques and procedures. The education sector faces significant cybersecurity risks, ranging from job offer scams targeting students to the critical exposure of networked devices due to vulnerabilities in public-facing applications.

“The education sector faces an incredible challenge in navigating a diverse and fluid attack surface with increasing financial pressures, leaving little room for error as digital leaders aim to sustain resilience to threats,” said Kory Daniels, Chief Information and Security Officer at Trustwave.

“Student, staff, alumni and professor data each provide different lures and motivators for threat actors to maliciously target the institution, or the individuals affiliated. Our latest threat briefing serves as a vital resource for cyber defenders, equipping them with actionable insights in navigating the latest threats and defences of their students, staff and data.”

The Trustwave SpiderLabs report analyses threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. A few key findings from the report include:

• The threat group LockBit accounted for 30% of ransomware incidents targeting the education sector.
• Apache Log4j (CVE-2021-44228) continues to be the most common exploit attempt against educational institutions, accounting for 74% of attempts.
• There is significant exposure of critical systems and devices with 1.8 million devices related to the education industry being publicly exposed.
   

Image credit: iStock.com/PaperFox