INSUBCONTINENT EXCLUSIVE:
Cyberattacks against schools have increased dramatically and this year has already seen almost as many incidents as the previous two years
combined, according to Barracuda which analyzed data compiled by the K-12 Cybersecurity Resource Center (k-12 CRC) which has been tracking
reported attacks against schools since 2016.So far in 2019, there have been 301 attacks against schools compared to 124 in 2018 and 218 in
However, these figures only account for reported cases and it is highly likely that additional cases either went unreported or even
undetected as stealthy malware is used to steal information, participate in botnets or mine cryptocurrency.In a recently published report
from the National Cyber Security Centre (NCSC), it was revealed that 83 percent of 430 schools across the UK had experienced at least one
cybersecurity incident even though 98 percent of schools used antivirus software and 99 percent had some sort of firewall protection.By
using a single source of open threat intelligence data a list of all known websites belonging to US and UK schools, researchers from
Barracuda found 234 unique malware samples that tried to connect to school domain names
The firm also found 123 IP addresses with the same set of schools that had a negative reputation which could point to additional malicious
activity.Barracuda's research found that data breaches (31%), malware (23%), phishing (13%), network or school infrastructure hacks (10%)
and denial-of-service attacks (4%) were the most common threats targeting schools.There are a number of reasons behind this increase in
cyberattacks against schools including the fact that many school districts only have one or two IT personnel with no dedicated cybersecurity
The increase in school-issued devices in recent years is another factor as it has drastically expanded the attack surface along with the
number of systems which need to be secured.Phishing accounted for 13 percent of the incidents reported to the K-12 Cybersecurity Resource
However, the real number of phishing related incidents is probably much higher as phishing is unlikely to be reported in a school setting
unless an incident occurs as a result or the campaign is large enough to warrant attention.To better protect against cyberattacks, Barracuda
recommends that schools increase their perimeter security through network firewalls, web filters and email protection, internal network
security by keeping up with security patches and their incident response capabilities
Maintaining a capable IT security staff is also an essential step to preventing cyberattacks in the first place.
