Verizon just released its Data Breach Investigations Report (DBIR) for 2022, which includes some startling figures. While cyberattacks have plagued every industry, the education sector has been hit particularly hard. Let’s get started.
Finding the factors
- Ransomware attacks were responsible for more than a third of all breaches in the sector.
- Data disclosure was implicated in 282 of the 1,241 cases identified.
- System infiltration, simple web app attacks, and various failures accounted for 80% of the breaches.
- While external actors were responsible for 75% of external breaches, the remaining 25% were attributed to internal failures.
- 95% of breaches were motivated by financial gain, while the remaining 5% were motivated by cyberespionage.
- Personal information was exposed in the majority of security breaches (63%), followed by passwords (41%) and miscellaneous information (23%).
- An email sent to the wrong recipient or with the wrong attachment was responsible for 34% of the mistakes.
Why is this significant?
Attacks on the education sector’s external infrastructure are frequently launched by financially motivated threat actors. Nonetheless, as the numbers above show, some breaches in the industry are caused by mistakes. Although these types of mistakes have become less common over time, they still occur often enough that they should be considered, given the range of data handled by educational institutions.
Recent occurrences
The FBI has issued a report on the threat of credential theft targeting higher education institutions in the United States. After gaining access to the credentials, the attackers either sell them on underground forums or make them public. VPN access and network credentials are common examples of sensitive information for sale.
Regina Public Schools’ internet-based systems, including educational tools and email, were all knocked out by a hack. Cl0p’s ransomware attacks on K-12 school systems in New Mexico and Ohio resulted in the threat actor collecting and releasing sensitive data.
A data breach at Washington University School of Medicine is said to have exposed some of the school’s patients’ sensitive health information.
Keep yourself protected
To reduce credential exposure, the FBI recommends applying local device credential protection solutions, enabling network segmentation, monitoring for abnormal traffic, and implementing brute force protection. Furthermore, because RDP connections are regularly targeted by hackers, verifying them is necessary. Because ransomware attacks against the financial industry aren’t going away anytime soon, implementing proper solutions is the best approach to avoid credential leakage.