Schools have never been under so many serious cyberattacks, a new report by Barracuda claims. Analysing schools in the US, it says it tracked a total of 301 attacks so far, which is more than all the attacks from 2017 (218) and 2018 (124) combined.
It also claims that the situation may be even more dire, as many schools decide not to report on these types of incidents. There are also those that don't even know they were attacked, as stealthy malware looks to gather data, use the infected machines as parts of a botnet, or to mine cryptocurrency for the attackers.
At the same time, the National Cyber Security Centre polled 430 schools in the UK and found that more than four in five were victims of at least one attack in the previous year, despite virtually all of them having some form of antivirus or cybersecurity solution.
A total of 234 unique malware were used in these attacks, from 123 different IP addresses. Hackers were mostly trying to distribute malware, but they were also engaged in phishing attempts, attacking network infrastructure and DDoSing.
Barracuda argues that the significant increase in the amount of attacks can be tied to rising awareness of the vulnerability of these institutions. First of all, they understand that minors don’t have the critical thinking skills necessary to properly assess potential attacks.
They’re also aware that schools rarely have budgets to onboard serious IT security experts. In many cases, school districts have one or two IT personnel, making them understaffed, overwhelmed and overworked.