Image: seksan Mongkhonkhamsao/Moment/Getty Images

Cybercriminals tend to target organizations and industries that they know are vulnerable. That’s especially true given the repercussions of the coronavirus pandemic and the move to remote work. A report published Wednesday by cyber threat intelligence provider Check Point Research looks at the latest wave of cyberattacks against educational and research facilities in particular and offers tips on how to better combat them.

SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)

Since mid-2020, the volume of weekly cyberattacks in general has risen steadily. Responding to the COVID-19 outbreak, organizations were forced to transition their workforce to a remote environment. In many cases, that shift was done so rapidly and abruptly that security requirements and standards often took a backseat.

Similarly, schools have had to move to a remote learning setup for teachers and students. And given that COVID-19 still presents a threat with the delta variant, schools continue to find themselves in a confusing, uncertain situation. All of that is why the educational and research sector has been hit by a higher number of cyberattacks than other industries.

For July 2021, schools and research facilities experienced an average of 1,739 cyberattacks per organization each week. That volume showed a 29% increase from the first half of 2021. The only industry that saw a larger increase was the leisure sector, and that was largely due to the demands of the summer season.

Weekly average number of attacks per organization globally – education sector vs other sectors (2020 – 2021).
Image: Check Point Research

As just one of many examples, the Department of Education in Australia’s New South Wales was the victim of a cyberattack in early July. The incident forced the department to shut down many of its online learning platforms just days before the new school term was to start.

To help schools and research organizations better defend themselves against cyberattacks, Check Point offers these recommendations.

  1. Review your passwords. Review and strengthen the passwords used for logging into remote systems and resources, such as email and work applications.
  2. Watch out for phishing attacks. Avoid clicking on links that look suspicious and only download content from reliable and verified sources. If you receive an email with an unusual request, check the sender’s details to confirm that you’re communicating with a colleague or other trusted person.
  3. Reduce your attack surface. For endpoints, make sure you have full control of peripherals, applications, network traffic and data. Encrypt data when it is in motion, at rest, and in use. Also, be sure to enforce your internal policies to comply with endpoint security requirements.
  4. Deploy anti-ransomware technology. This type of defense helps detect signs of ransomware as well as mutations of known and unknown malware families through behavioral analysis and generic rules.
  5. Contain and remediate cyberattacks. Contain and control attacks by detecting and blocking command and control traffic. Prevent the lateral movement of malware by isolating infected machines. Make sure you clean your environment by quarantining files, killing processes and sterilizing the full attack chain.