A survey from cybersecurity firm Netwrix revealed that most educational institutions have become increasingly concerned about cyberattacks after the transition to online learning due to the pandemic. The survey “2020 Cyber Threats Report” sheds light on how the outbreak and e-learning initiatives changed the cybersecurity risk landscape.
According to the survey, over 33% of respondents said they are more vulnerable to cyberattacks than they were pre-pandemic. Nearly, 89% of them admitted they identified new security gaps due to the rapid transition to remote education, which is the highest finding among all sectors.
- Around 92% of educational organizations consider inappropriate data sharing to be a top security risk. While 41% of respondents reported that they had suffered such incidents in the first few months of the pandemic, making it one of the most common threat scenarios experienced. Other types of incidents reported included phishing (50%) and administrator mistakes (31%).
- 78% of the educational institutions said they are at greater risk now than before the pandemic and are concerned that users may ignore security guidelines.
- Concern about malicious actions by rogue admins dropped from 92% to 9%. Indeed, only 12% had such incidents, but they had the longest dwell time, 43% of respondents needed weeks or months to detect the issue.
- Every fourth educational organization experienced misconfiguration of cloud services in the first few months of the pandemic.
“To minimize the risk and impact of human errors, we recommend investing in security training and easy-to-use collaboration tools. The latter will eliminate the temptation to share sensitive records through unsanctioned solutions, while giving the IT team enough control and auditability. Also look for ways to leverage automation to augment the IT team’s efforts. For instance, data classification will help them focus their security efforts on the most critical data, while automating audit trail collection and analysis will enable them to detect and investigate incidents faster,” recommended Ilia Sotnikov, VP of Product Management at Netwrix.
Cyberattacks on E-Leaning Platforms
There has been a surge in the usage of online learning platforms during the pandemic, which also attracted the cybercriminals to launch their malicious acts. In the recent past, hackers targeted multiple e-learning portals to steal users’ personal information. India-based online learning platform Unacademy suffered a data breach that exposed details of 22 million users. Cybersecurity firm Cyble revealed that the unknown hackers kept 21,909,707 user records for sale at $2,000 on darknet forums. The compromised information included usernames, hashed passwords, date of joining, last login date, account status, email addresses, first and last names, and other account profile details. Earlier, a Spanish e-Learning platform 8Belts suffered a data breach that exposed personal data of over 100,000 e-learners across the globe.