Schools Under Siege: From Nation-States To Ransomware Gangs

Arthur T Knackerbracket has processed the following story:

If we were to draw an infosec Venn diagram, with one circle representing "sensitive info that attackers would want to steal" and the other "limited resources plus difficult-to-secure IT environments," education would sit in the overlap.

Schools - including K-12, colleges, and universities - store health and medical records, data belonging to minors, financial information, sensitive research, AI training models and other proprietary IP. At the same time, they are famously understaffed (with the exception of some well-heeled private institutions) and underfunded - especially when it comes to IT and security.

Their network users include students - some as young as five years old - teachers and professors, doctors and patients, food service workers, janitors, staff, and visitors.

Plus, educational facilities and campuses have to secure IT environments that span both legacy and modern systems, covering everything from payment processing systems to medical equipment as well as personal phones, computers, and gaming consoles.

Every week, the education/research sector faces an average of 2,507 attempted cyber attacks, with everyone from nation-state groups to ransomware gangs and other financially motivated criminals putting schools in their crosshairs. At least according to Microsoft, which, in its Cyber Signals report published today, warned that Iran and North Korea are among the miscreants targeting schools.

As of the second quarter of 2024, education holds the dubious distinction of being the third most targeted industry, based on analyzed security events, Redmond notes.

Read more of this story at SoylentNews.