Australian education sector increasingly susceptible to cyber-attacks – study

Australian education sector increasingly susceptible to cyber-attacks – study

The recent surge in COVID-19 cases has pushed many Australian schools to shut down to curb the spread of infection – and with most of them shifting back to a remote learning setup, the risk of exposure to cyber breaches has magnified.

A recent report by cyber threat intelligence provider Check Point Research revealed that compared to other sectors, schools and other educational institutions across the globe have experienced the highest number of cyber-attacks last month.

July figures showed that the education and research sector had an average of 1,739 attacks per organisation weekly, a 29% rise from the first half of the year.

Australia’s education sector has also seen the fourth highest number of cybersecurity breaches last month at 3,934 weekly, increasing 17% from first half 2021 numbers. Among these incidents is the attack on New South Wales’ Department of Education, which forced the department to shut down many of its online learning platforms days before the school term was set to open.

The country trailed only India, averaging 5,196 attacks weekly per organisation (22% rise), Italy with 5,016 attacks weekly (70% increase), and Israel with 4,011 per week (51% ascent).

In terms of region, the Asia-Pacific region, which includes Australia and New Zealand, posted the third highest weekly average at 3,684 attacks, a 17% rise from first half 2021 figures. South Asia had the greatest number of cybersecurity breaches at 5,084 per week (23% rise), followed by East Asia with 3,873 attacks (79% increase).

“Cybercriminals tend to target organizations and industries that they know are vulnerable,” information technology publication TechRepublic wrote in its analysis. “[S]chools have had to move to a remote learning setup for teachers and students. And given that COVID-19 still presents a threat with the Delta variant, schools continue to find themselves in a confusing, uncertain situation. All of that is why the educational and research sector has been hit by a higher number of cyber-attacks than other industries.”

Tips to prevent cyber-attacks

To avoid falling prey to these kinds of attacks, Check Point shared five important tips that schools and other educational institutions can practise:

1. Review passwords. Review and strengthen passwords that you use for logging onto remote resources, including emails and work applications.

2. Be aware of phishing attacks. Avoid clicking on links that look suspicious and only download content from sources that are reliable and can be verified. If you receive an email with an unusual request, check the sender’s details carefully to make sure that you are communicating with colleagues, not cyber criminals.

3. Reduce the attack surface. For endpoints, you need to take full control of peripherals, applications, network traffic, and data. Encrypt data when it is in motion, at rest, and in use. Be sure to enforce your corporate policies to achieve endpoint security compliance.

4. Deploy anti-ransomware technology. This allows you to detect signs of ransomware and uncover running mutations of known and unknown malware families by using behavioural analysis and generic rules.

5. Contain and remediate cyber breaches: Contain attacks and control damage by detecting and blocking command and control traffic. Prevent the lateral movement of malware by isolating infected machines. Ensure you clean your environment by restoring encrypted files, quarantining files, killing processes, and sterilizing the full attack chain.