The cybercrime, although it was present previously, it has been increasing with the irruption of the pandemic, due to teleworking and the impulse of digitization.
The education sector it has been one of the most punished. According to the SonicWall Cyber Threat Report 2021, the data shows that attacks are increasingly targeting the education sector and this is due to its informational value. 2020 has been the year in which more attacks ransomware or data hijacking have suffered.
As highlighted Qualiteasy, importer of Faronics Inc. solutions in Spain, educational centers are a easy target for cybercriminals due to the connectivity of a high number of users through different devices, the rise of online education or WiFi networks.
Cost
Computer attacks represent a high cost for educational institutions. Thus, the Sophos study “State of Ransomware in Education 2021” warns that the financial impact for this type of entity in 2020 was 2.34 million euros, 48% higher than the global average. Likewise, the same report confirms that more than a third (35%) of those who suffered the encryption of their data gave in to the demands of the attackers and paid the ransom. The average ransom payment was 96,238 euros.
Attack types
As for the most common types of cyberattacks suffered by colleges or universities, they are known as DDoS (denial of services). Its objective is to overload and saturate computer systems to make them inaccessible to the user. Despite this, there are other types of computer attacks that are also common, such as phishing or malware.
Phishing consists of sending emails that falsify the identity of a reputed service or entity with the aim of sending documents to download or malicious links to click. Whereas with malware it is about running a computer program without the consent of the user.
Main vulnerability issues
The pandemic brought with it an acceleration in the digitization of educational centers. Online classes became widespread. This is one of the causes of having a greater exposure to attacks from cybercriminals. In addition, according to a study promoted by the BBK Foundation, the sensitive information stored by the centers, together with the minimum level of cybersecurity and digital competence of the users of the system, represent a potential risk.
In the same way, cloud services without an efficient cybersecurity system can be another of the security breaches of colleges and universities. Also, another report includes alarming data, such as that 63% of schools do not review permissions on a regular basis, 22% do not know how access rights are granted, 24% admitted granting direct access rights to all requests, and only 18% have a dedicated full-time cybersecurity professional on staff.
