Education sector hounded by cyberattacks in 2021

Education and research were the top targets for cyberattackers in 2021, with an average of 1605 attacks per organization per week, a 75% increase from 2020, according to research by Check Point Software Technologies.

Pandemic’s push for digital invites threats 

The COVID-19 pandemic has pushed staff in businesses and education to work from home. The resulting need for digital skills and online courses has boosted the digital education market, creating opportunities for study but also for cyberthreats.

A major shift to distance learning and the fact that online education organizations have a huge number of non-employees accessing their systems from remote locations widens the exposure, elevating risks, according to Omer Dembinsky, data research manager at Check Point.

Following closely behind the education sector is the government and military sector which registered 1136 attacks per organization per week in 2021, a 47% increase from the previous year. Government has always been a major target for such attacks owing to the sensitivity of its undertakings. The shift by governments worldwide to providing services to citizens online created another target.

Third on the list is the communication industry, logging 1079 attacks weekly per organization, 51% higher than last year.

Constellation Research analyst Liz Miller sees the education sector as an easy target for bad actors as it has not prioritized cybersecurity, while the pandemic “forced educators into being accidental CIOs” as they sought to move teachers, staff, and students onto new technologies from home. “Ransomware attackers also understood that schools needed to operate and were not getting as much attention for critical updates and heightened security postures as, say, hospitals or medical institutions,” she said.

Top attacks: Log4j vulnerability, ransomware

In 2021, there was a 50% overall jump in cyberattacks, says Check Point’s Dembinsky.

“Although the increase was really across the board, in December the added attacks attributed to Log4j vulnerabilities indeed helped push the numbers up. There has also been a 57% increase in ransomware impact on corporate networks and 59% in info stealers,” he said. Check Point found that there were millions of attacks per hour attempting to exploit the Log4j vulnerability, in November and December 2021.

Log4j is a free, open-source logging framework developed by Apache logging services, used widely by vendors including AWS, Apple iCloud, IBM, Cisco, Cloudflare, Microsoft, Minecraft, and VMWare, among others. The recently discovered vulnerability allows attackers to execute malicious code remotely on a target computer running the framework. It was first found and reported by Chen Zhaojun of the Alibaba Cloud Security Team on 24 November 2021 and has since been fixed with successive patches.

Other key findings of the Check Point report included Africa being the most attacked region in 2021 with 1582 attacks per organization per week, up by 13% against 2020, followed by Asia-Pacific with 1353 attacks and a 25% increase.

Top defenses: partnering on privacy, and employee education

Analysts and researchers have some suggestions for corporate leaders and security officers to deal with the constant rise in attacks.

Constellation’s Miller recommends trying to “find champions in colleagues rather than your usual IT and technology guys,” to partner up in strengthening the security agenda. “I am a huge advocate for a tight alignment and partnership between the CISO and the chief marketing officer,” she says. “A partnership here turns security conversations into brand security conversations where issues like privacy become a strategic value for the organization and not just an operational checklist of compliance.”

Understanding the different layers of software and networks with timely checks on updates and patches can prove critical while arming against attacks, according to Miller.

Check Point’s report suggests a security architecture delivering a unified protection infrastructure with comprehensive and faster protection, as opposed to a scattered infrastructure with pieces that either don’t work together or take awfully long. It also recommends maintaining proper security hygiene, which includes patching, network segmentation, employee education, and implementing state-of-the-art security technology.