COVID-19 has changed nearly every aspect of our lives, not to mention the operations of entire industries. Think about it: what does your ‘new normal’ look like? For higher ed institutions, it consists of the rapid switch to online learning to ensure the physical safety of students and faculty, and a whole lot of trial and error.
While institutions are taking the appropriate measures to keep their stakeholders safe on a physical level, ensuring their virtual safety remains an ongoing challenge. Just as educators have prepared for online classes and new e-learning software, attackers have ramped up their ransomware, DDoS and phishing campaigns to relish in the vulnerabilities unleashed by the pandemic. And remember Zoombombing? Yeah, that’s still around too (check out this blog for more on Zoombombing).
Even though the current generation of college students seem to be some of the most tech-savvy individuals around, the pandemic has revealed that higher ed institutions must take greater steps to better equip themselves for the ‘new normal.’ Here are a few ways attackers have exploited institutions amid the pandemic and their expected impact moving into 2021:
Ransomware: Over the course of the pandemic,many institutions have encountered malicious attacks on their networks. In June, the University of California, San Francisco paid one of the largest ransomware sums on record to attackers – a whopping total of $1.1 million – to halt the disruption of the school’s coronavirus research, patient-care system and campus network. As cybercriminals take advantage of new attack opportunities in higher ed, school administrators will need to prepare their networks to withstand uncommon malware attacks at an increased rate. Many higher ed clients are using one of our innovative endpoint security solutions with built-in platform rollback specifically designed to manage quick recovery after a ransomware event.
DDoS Attacks: From January to June 2020, higher ed institutions saw a 350% increase in DDoS attacks as compared to 2019. With so many universities utilizing a variety of online resources, many attackers have disguised their attacks as related platforms (such as Moodle, Zoom, Google Classroom and Blackboard) to avoid suspicion and increase their chances of fooling users. To combat the increase in DDoS attacks, institutions will need to more frequently monitor and evaluate network traffic to minimize attacks. DDoS attacks take different forms, but typically originate from the Internet. Ask us about solutions to manage incoming DDoS whether from the Internet or from infected endpoints within the network.
Phishing: While phishing scams aren’t new to higher ed, the pandemic has presented attackers with the creative ability to identify new ways to gain access to sensitive information. Whether its alerting students that they have missed an online meeting or need to update their password, attackers are yet again attempting to outsmart victims by exploiting new vulnerabilities and access methods. Increased phishing attacks on higher ed will carry over into 2021, and we expect to see more institutions turning to cloud-based security and stronger endpoint monitoring as a result. Our higher ed clients have seen tremendous results with our phishing control platforms including email security and end user security awareness training tools. To make them even more accessible, our solutions can integrate with your existing email and/or domain infrastructure including cloud-hosted platforms such as Microsoft Office 365.
Carolina Advanced Digital supports hundreds of higher education clients across the U.S. for security needs such as endpoint security, network security, secure remote access, end user security awareness training as well as pen testing, consulting, compliance and vCISO services. Contact us today to learn how we’re helping universities, community colleges, and private schools.