SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
EduTech
#
Digital Resilience
#
Higher education
Trustwave reveals cybersecurity threats targeting education sector
Fri, 23rd Feb 2024
Author image
By Imee Dequito, Editor
Follow us

Trustwave, a prominent cybersecurity and managed security services provider, has recently published an in-depth analysis which reveals distinct cybersecurity threats that education institutions are confronted with. Titled “2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” the report serves as a crucial insight into sector-specific risks and equips cybersecurity leaders in the education sector with actionable strategies to reinforce their defences.

Educational institutions, ranging from primary school systems dealing with sensitive data of minors to higher education entities guarding intellectual property data, are viewed as prime targets for cyberattacks. These attacks not only compromise the safety of teachers and administrators but also pose serious threats to the privacy of students, staff, and other relevant entities.

The latest research from Trustwave SpiderLabs provides an in-depth understanding of the attack flow deployed by threat groups, shedding light on their methods and procedures. The numerous cybersecurity risks faced by the education sector vary significantly, ranging from job offer scams targeting students to the exposure of networked devices due to vulnerabilities in public-facing applications.

Kory Daniels, the Chief Information and Security Officer at Trustwave, stated that, “The education sector faces an incredible challenge in navigating a diverse and fluid attack surface with increasing financial pressures, leaving little room for error as digital leaders aim to sustain resilience to threats”. He also expressed his concern that data related to students, staff, alumni, and professors can act as bait attracting threat actors aimed at targeting either the institution itself or associated individuals. He insisted that the recent threat briefing made available by Trustwave is a vital resource aiding cyber defenders by equipping them with actionable insights to navigate the latest threats and protect their students, staff, and data.

The Trustwave SpiderLabs report scrutinises various threat groups and their methodologies throughout the attack cycle, beginning from the initial foothold to the ultimate exfiltration. Key findings from the report include: The threat group LockBit was responsible for 30 per cent of ransomware incidents targeting the education sector; Apache Log4j (CVE-2021-44228) continues to be the most common exploit attempt against education institutions, accounting for 74 per cent of attempts; and a significant exposure of critical systems and devices with 1.8M devices related to the education industry being exposed publicly.

Trustwave continues to be globally appreciated for its role in augmenting cybersecurity resilience and reducing cyber risk against disruptive and damaging cyber threats. With its world-class team of security consultants, threat hunters, and researchers, Trustwave is committed to minimising the potential impact and likelihood of cyber-attacks.

Related stories
Ransomware activity spikes 20%, hospitals now in crosshairs
Aqua Security celebrates consecutive year of channel growth
Kaspersky illuminates LockBit ransomware group's advanced tactics
First-party data collection prioritised due to privacy laws
92% of global PCs ill-equipped for modern AI, warns Absolute Security
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds