Education sector experiences highest volume of attacks every month

Check Point Research (CPR) recently released its Cyber Attack Trends: 2022 Mid-Year Report, which stated that, similar to the top industry ranking in 2021, the first half of 2022 shows significant increases in attacks across all sectors.

Education and research remains the most targeted industry, with an average of 2,297 attacks against organizations per week in the first half of 2022, a 44 percent increase over the first half of 2021. In today’s report, we provide additional insights into that sector and present detailed, albeit alarming, statistics.

Education/Research sees a 114% increase in the last 2 years

According to CPR, the Education/Research sector experienced the highest monthly volume of attacks in 2022 and 2021 globally.

In July 2022, the Education/Research sector has more than double the average number of weekly cyber-attacks as the other industries. Every week, this industry experienced nearly 2,000 attacks per organization (a 6 percent increase compared to July last year and 114 percent increase compared to July two years ago). Such attacks can have devastating consequences, as in the case of Lincoln College, where a ransomware attack was the final straw in their decision to close on May 13, 2022, after 157 years.

ANZ is the most attacked region in July 2022

When we look at education attacks by region in July 2022, we see that ANZ was the most heavily attacked region, with 4,176 attacks per organization per week (7 percent less than in July 2022), followed by Asia with 4,171 attacks (5 percent more), and Europe with 1,861 attacks (6 percent decrease).

Latin America has experienced the greatest increase in weekly cyberattacks, with a 62 percent increase since July 2021.

Omer Dembinsky, Data Group Manager at Check Point Software said “Students, parents and schools are tempting targets for hackers, mainly because of data. There’s lots of it. From gradebooks to online assignments, hackers have far more access points to sensitive information and data. Data is leverage for hackers and can be used to orchestrate ransomware attacks. The COVID-19 pandemic forced a big shift to remote learning. However, the shift to remote learning has increased the potential attack surface of hackers significantly.

In other words, the door is much wider for hackers to infiltrate school computer networks. All it takes is for one teacher, student, or parent to click on a phishing email created by a cyber criminal and a ransomware attack could be underway. Education and Research is by far the most attacked industry sector, seeing a 114% increase in the past two years. With back-to-school right around the corner, we are urging students, parents and school to exercise the highest level of cyber security practices. Cover your webcams when not in use. Talk to your kids about phishing. And vet 3rd party applications and more.”

Staying protected against cyber-attacks, tips for schools and students

• Be phishing-aware: Be wary of clicking on links that appear suspicious in any way, and only download content from trusted sources that can be verified. Remember that phishing schemes are a type of social engineering, so if you receive an email with an unusual request, carefully check the sender’s details to ensure that you are communicating with colleagues rather than cyber criminals.

• Using behavioral analysis and generic rules, anti-ransomware technology can detect ransomware and uncover running mutations of known and unknown malware families.
• Passwords matter: It is a good idea to review and strengthen passwords that you use for logging onto remote resources, such as email or work applications. 
• Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
• Deploy Email Security Solutions– Modern email filtering solutions can protect email messages from malware and other malicious payloads. Emails with malicious links, attachments, spam content, or language that suggests a phishing attack can be detected by solutions. Email security solutions automatically detect and quarantine suspicious emails, and they employ sandboxing technology to “detonate” emails to determine whether they contain malicious code.

How Can Check Point Help

Check Point’s Anti-Ransomware technology employs a purpose-built engine that protects against the most sophisticated, evasive zero-day ransomware variants and safely recovers encrypted data, ensuring business continuity and productivity.

Check Point’s leading endpoint prevention and response product, Harmony Endpoint, includes Anti-Ransomware technology and protects web browsers and endpoints by leveraging Check Point’s industry-leading network protections. Harmony Endpoint provides comprehensive, real-time threat prevention and remediation for all malware threat vectors.