September 2021 saw a doubling of DDoS attacks in schools starting their academic year, according to a Slovakian cybersecurity firm’s data.
At the start of school year in September this year in many cities around the world, educational institutions appeared to have experienced an increase in DDoS attacks that was around 118% greater than that in 2020.
According to data from a firm that specializes in protecting online resources from cyberattacks, most educational institutions in Russia and worldwide are now operating normally after settling down from more than a year of home-based learning and other pandemic-control measures. The increased use of digital platforms as part of the educational process has opened up attack surfaces as a result.
The DDoS attacks on online resources of schools and universities could have been organized by students trying to disable information systems and avoid homework. Experts from StormWall, a have analyzed the nature of these cyber incidents and found that most DDoS attacks are low power (10–20Gbps). This suggests that cheap available tools were used to organize the attacks, which could be used by inexperienced hackers.
Experts elsewhere have noted that cybercriminals target the start of the school year as faculty, administrators and students alike are still unfamiliar with new schedules and routines, cybersecurity procedures included.
This is where DDoS attacks with a capacity of up to 300Gbit/s have also been recorded. In this case, unlike student-linked hacks, more expensive tools, such as botnets (which cost between US$100 and US$200 per day) were used. This points to non-amateur bad actors and even state-sponsored cybercriminals.
According to Ramil Khantimirov, CEO and co-founder, StormWall: “The education sector has always been one of the most attacked industries. Since the start of the pandemic, educational institutions have accelerated the use innovative information systems, which significantly improves the quality of education. However, most digital education platforms are poorly protected against cyber threats, which makes them easy prey for hackers.”