Cyber Criminals Intensify Attacks on Global Education Sector: Polish Universities Among Key Targets Amid Surge in Cyber Threats

SECURITYCyber Criminals Intensify Attacks on Global Education Sector: Polish Universities Among Key Targets Amid Surge in Cyber Threats

Cyber Criminals are launching powerful attacks on the global education and research sector! The average institution of this type has recorded more than 3000 attacks per week. This is a 37% increase compared to 2023. The school system in India is experiencing the greatest threat with nearly 7000 weekly attacks. In Europe, cyber criminals most often target the education and research system in the United Kingdom, Italy, Germany and Portugal. Polish education is also experiencing numerous attacks – analysts from Check Point Software Technologies warn.

The victims of cyber attacks on Polish universities (January 2024) included the University of Zielona Góra, Radio Zachód, and the oldest private university in Bydgoszcz – the University of Economics (June 2024). The investigation into the case was initiated by the District Prosecutor’s Office in Zielona Góra in June 2024. According to preliminary findings, the attack consisted of changes in the systems that blocked information transmission. The investigators believe that the Russia-linked hacker group Akira was behind the attack.

In 2023 – just before the NATO summit in Vilnius, a massive cyber attack carried out by the Russia-linked CyberTriad group targeted the Military Academy of Art (ASzWoj). Hackers stole sensitive data related to the Polish defense system. They encrypted the computers of the university in such a way that the whole system collapsed.

Awareness of the threat of attacks increased among Polish teaching staff in February 2024 after a popular teachers’ forum was attacked. The portal reported an incident involving unauthorized access to personal data of users. As well as possible consequences of the attack in the form of “probability of data misuse – especially contact data (e-mail address, telephone number) to obtain further information or phishing scams.”

“Cyber criminals, by acquiring data, can either sell it, demand a ransom, or use it for other criminal activities, such as credit fraud. Education and research are, among other things, a source of confidential knowledge, research and resources that can be of interest to companies, countries, international organisations. Educational and government institutions are, after all, the group of the largest employers – organisations employing many people, where the probability of a successful attack on a user – the weakest link in the security system – can prove effective,” notes Wojciech Głażewski, country manager of Check Point Software in Poland. He adds that analytical data clearly indicate that over 90 percent of successful attacks on company systems are due to human error.

Educational institutions are key targets for hackers and cyber criminals, alongside healthcare, finance, and retail. Schools and universities hold massive amounts of personal data, which are extremely attractive to cyber criminals. In contrast to companies, which mostly manage employee data, educational institutions deal with a large number of staff and student data. Complex network structures, lack of adequate security and diversity of devices and access to the network create ideal conditions for cyber attacks.

Moreover, pupils and students often lack awareness about cyber threats, further increasing the risk. They bring their own devices to schools and campuses, use public Wi-Fi, and also work remotely from places with a low level of security, making university networks more susceptible to attacks.

Educational institutions are most commonly targeted in hacker attacks using ransomware (asking for ransom). According to cyber security experts, nearly 8 in 10 educational institutions have recorded such attacks in the past year, where hackers were hunting confidential data. To gain access to educational institutions’ resources, criminals most frequently used fraudulent e-mails, phishing messages, or exploited security loopholes in universities. Fortunately, in most cases, the data was recovered.

Main Targets

The most threatened region is believed to be Asia and the Pacific (APAC), where an average of 6002 attacks per week were recorded per organization. Meanwhile, North America noted the largest year-on-year increase in the number of attacks, at 127%.

The most vulnerable country, with 6874 attacks per week per organization, is India, experiencing a 97% increase compared to the previous year. The rapid development of remote learning and digitalisation of education in India has created new opportunities for cyber criminals, who target both schools and universities to obtain sensitive personal data.

In Europe, cyber criminals most often attack the education and research system in the United Kingdom, Italy, Germany and Portugal, with an average of 2804 attacks across the continent. This is an 18% increase in attacks compared to last year.

According to Check Point analysts, Polish education is also experiencing numerous attacks. They estimate that all Polish organizations experienced about 1900 cyber attacks per single organization in August, with education among the most vulnerable.

Increased Threats Before the Start of the School Year

Before the start of the school year, Check Point Research observed an increase in the number of malicious domains related to education. In July 2024, 12,234 new English-language school-related domains were created, with 1 in 45 proving to be malicious or suspicious. Many of these domains were used in phishing campaigns, which used file names related to school activities to lure victims.

The increase in cyber attacks on the education sector underlines the need to implement more advanced cyber protection measures. Schools, universities and research institutes need to understand that they are at the forefront of cyber crime and adapt their defence strategies to protect sensitive data and ensure operational continuity.

As noted by Check Point Research, the growing number of attacks on the education sector is proof that these institutions have become a focus of interest for cyber criminals. In the face of such serious threats, decisive action is needed to increase awareness and improve cyber security in these institutions.

Source: https://managerplus.pl/hawe-telekom-z-rekordowym-wzrostem-przychodow-o-83-w-2023-roku-78206

Exit mobile version