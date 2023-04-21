



Cybercriminals are human, and their quirks, preferences, and practices are subject to change. According to a new report from SonicWall, in 2020 and 2021, governments were the top malware targets, with ransomware appearing to favor other types of malware attacks across sectors and geographies.

But in 2022, cybercriminals have changed that pattern. The report found that ransomware attacks declined (21%) in this new threat landscape across industries and geographies, but malware attacks overall increased (2% after a three-year decline). gain). Educational institutions were also the top targets for malware.

Malware and malicious software collectively are general terms that refer to software used to access a system with the intent of compromising, damaging, or destroying devices, networks, or data. Malware includes viruses (software designed to spread from one computer to another), spyware (software designed to collect user data without your knowledge), keyloggers (computer keystrokes, ), and many other malicious applications.

Ransomware is another type of malware. In ransomware attacks, criminals lock down and encrypt users’ files. The attacker then demands money to unlock the files.

2021 was such an outlier for ransomware attacks that the researchers say that the idea that global ransomware attacks fell as we dug deeper into the data could be misleading when taken in isolation. That’s it. Aside from that outlier, ransomware attacks have been on the rise since 2018.

In any case, according to SonicWalls 2022 Threat Mindset Survey, the majority of people who spend their days protecting their computer networks recognize malware attacks, including ransomware, as a persistent threat. In this survey, the majority of respondents saw both as their top threats.

Higher education saw an increase in malware attacks, albeit less dramatically than the K-12 sector. Ransomware Attacks in Higher Education He Decline in 2022. This is especially notable given the staggering increase in such attacks targeting K-12s.

Cybercriminals often target known vulnerabilities in computer networks. However, software updates and patches only work if they are installed. Universities face significant hurdles in updating and patching the myriad of devices that run on networks designed to share information openly. The challenge is compounded by the spread of remote students, faculty, staff, and visitors across campuses and continents.

Mike Cullen, principal of Baker Tilly’s risk advisory practice and head of the higher education institution’s cybersecurity and IT risk team, said universities are more aware of the risks of cyber threats and what needs to be done. He said he knew it well. That said, that doesn’t mean they always have all the money and all the manpower and talent they need to protect themselves.

Malware on the Rise in Higher Education Institutions

According to the report, malware attacks targeting education will increase dramatically year-over-year in 2022 (up 157%). As such, education was the hardest-hit sector among those surveyed. The survey found that attacks on the healthcare and government sectors decreased (15% and 58% respectively), while attacks on retail and finance increased (50% and 86% respectively).

Malware is more easily spread or encountered on the Internet than ransomware, said Richard Forno, assistant director of the University of Maryland Baltimore County Cybersecurity Center. If a college student is in her dorm room, or if a staff member or faculty browses her website or social media, she may end up downloading malicious software.

However, education as a sector includes both K-12 education and higher education. When the 2022 data were analyzed, higher education fared better, with a more modest (26%) increase compared to the K-12 (323% increase). Forno said the K-12 was hit harder, likely due to local budget constraints.

According to Forno, there aren’t many pies you can turn around. Local governments are also responsible for filling potholes and ensuring clean water and water. [funding] fire station and police station.

And, according to Cullen, today’s universities have better protocols for backing up data, neutralizing the motivation for criminals to demand data ransom. The downside is that cybercriminals may see other types of malware as preferable alternatives to ransomware, Cullen said. So, if you’re not sure the university will pay the ransom, you can find other ways to steal sensitive data like credit card or social security numbers and plan to sell them on the dark web.

Criminals are focusing on higher education because other sectors are improving their cyber postures more quickly, Cullen said, adding that the decentralized environment of universities poses additional challenges. I was. culturally, [colleges] Unlike corporate structures with a strong central command and control structure below the CEO.

Decline in ransomware in higher education

According to the report, ransomware attacks targeting higher education institutions will decrease in 2022 (down 29%) compared to a staggering increase (827%) targeting K-12 institutions.

However, the statistics only reflect reported ransomware attacks, and the actual number may be higher, Cullen said, adding that today’s universities are targeting small-scale ransomware in a way that evades public scrutiny. He added that it may be in place to handle ware attacks. Unfortunately, when university officials keep the public eye to a minimum, they can inadvertently help cybercriminals.

The more publicized a particular ransomware group, the more likely law enforcement agencies, especially the FBI and Homeland Security in the United States, will be more active and say what the group is up to. It will be expensive, says Cullen. If the group can stay in the shadows, it has a better chance of being able to swoop in, deploy ransomware, get paid, get out, and repeat.

Considered as a unique industry, higher education ranks roughly in the middle of the sectors in our study that have experienced ransomware attacks. For example, government and retail declined, while healthcare and finance increased.

According to Forno, higher education IT administrators are really struggling to balance security and privacy for everyone in a university environment with so much sharing and collaboration. But many problems, whether in higher education institutions or not, stem from a lack of basic cybersecurity practices.

Updates only work when installed

Ransomware groups mostly target unpatched vulnerabilities in computer code, according to the 2021 Business Wire report. Most unpatched vulnerabilities (54%) are easily accessible and exploitable by hackers.

Think about your mobile phone. Vendors are constantly pushing updated apps, updated bug fixes, and updated software, Cullen said. Colleges and universities grapple with similar problems, but they constantly have to deal with hundreds of different systems, devices and software.

People working to defend their networks may install patches for known vulnerabilities if they exist. However, according to a Ponemon Institute study, most victims admit that an available update or patch could have prevented their breach, including about a third who knew about the vulnerability. .

According to a 2020 AimPoint Group report, IT professionals are least confident when it comes to maintaining cyber hygiene for remote users. This report presents the challenges of a distributed university community, which may include remote students and employees dispersed across campuses and continents. According to the report, even when needed patches are identified, only a minority (around 20%) can patch them within a day, so few can respond quickly enough.

There’s a lot of automation going on, but you need the right people to patch and update systems with the frequency you need today, says Cullen. It’s like going to the doctor or dentist. Not everyone goes as often as they should. So is cybersecurity.

