cyberattacks on education platforms

Cyberattacks on education platforms are growing because of massive vulnerabilities in these platforms

Last spring, the outbreak of the Covid-19 pandemic put nearly every industry at a halt. The Education sector is no different, however, it successfully pivoted from this challenge as online learning became the new norm. Schools and universities started imparting education virtually. However, suddenly changing to a new form of teaching and learning was challenging due to lack of technology accessibility, lack of stable internet connection, etc. But, one of the crucial challenges of online learning was cyberattacks on education platforms and applications.

In June 2020, Microsoft Security Intelligence reported that out of the 7.7 million malware encounters, 61% was from the education industry. Also, let’s not forget the havoc ‘Zoom-bombing created with unauthorized guests created chaos in the classes.

However, cyberattacks on education platforms are not new. According to the K-12 Cybersecurity Research Center, more than billions of such incidents have been happening since Jan 2016.

While online learning platforms have garnered a lot of attention and adoption, it has also attracted a lot of attention from malicious hackers and threat actors trying to harm through attachments, links, web pages,etc.

However, surprisingly, the most common cyberthreats on education platforms were not-a-virus. Not-a-virus is divided into two categories- adware and riskware. Adware is when it hammers users with unwanted ads. Riskware contains various files, from browser bars to administration tools, and does activities without your consent on the computer.

Other cyberattacks on education platforms were backdoors, trojans, etc. exploiting a vulnerability in an education platform to gain unauthorized access.

With digitization, the importance of smartphones has surged. A lot of such online learning platforms are responsive and flexible, enabling students to sit in a virtual class through a mobile app. According to a study by Synopsys Cybersecurity Research Centre (CyRC), the highest number of vulnerabilities of mobile apps were witnessed in educational apps.

This, definitely, raises concerns about the security practices during the development and production of such educational apps.

According to Anton Ivanov, a security expert at Kaspersky, it is difficult to stop the rising cyberattacks on education platforms until students’ teaching and learning goes back to the traditional form of classroom learning. Till then he believes education platforms will be a popular target for criminals.

Meanwhile, cyberattacks against universities are also rising. The University of Utah paid more than $450,000 due to a ransomware attack on its computers. The hackers encrypted about 0.02% of the data before the U.‘s Information Security Office identified the attack.

Cybercriminals are leveraging technology to evolve their tactics, resulting in sophisticated attacks. Nonetheless, online learning is here to stay. This means, cybercriminals will continue exploiting education platforms for their own gain. Education institutes are bound to face a growing number of cyber risks.

To mitigate this challenge, educational institutions should review their existing security programs and practices and find loopholes and vulnerabilities. The need of the hour is deploying a robust security platform that will help in minimizing the risk of cyberattacks. Further, adopting strong principles and practices will help in securing online learning platforms.

Developers of education apps should try to make sure security patches and aspects are overviewed in each phase of development, from design to implementation to maintenance. Also, creating awareness of such issues can help everyone to be mindful of their actions and not leaving any loophole for cybercriminals to take advantage of.

The pandemic has made it clear that risks are applicable for each industry. The education industry is becoming the new favorite of cybercriminals because of the massive vulnerabilities this industry has in terms of online platforms and education apps.