The education sector is one of the most heavily targeted industries by cyberattacks in 2019, with 86% of education sector respondents to a survey by EfficientIP and IDC having experienced under-the-radar Domain Name System (DNS) attacks in the past year, the second-highest across all sectors after government.
Surveying 900 security experts from nine countries across North America, Europe and Asia, the report found that the education sector is failing to invest in its own security.
Organisations suffered an average of 11 attacks last year, each costing $670,000 — resulting in an annual toll of $7,370,000.
The attacks on NTU and NUS point to the vulnerability of the education sector in Singapore, especially when the motivation is to steal valuable research.
The report also revealed that half of the DNS attacks education institutions experienced last year were phishing-based. These can range from in-house application downtime (affecting 66%) to compromised websites (50%), high above the global average of 45% of victim organisations.
If education institutions are going to properly protect themselves and their students, they need smarter countermeasures. Half of those surveyed said they currently attempt to mitigate attacks by shutting down servers and services, a further 64% by shutting down affected processes and connections.
Pulling the plug might help stop attacks, but it’s a blunt instrument attempting to stop increasingly sophisticated threats. Smarter DNS monitoring, analysis and threat intelligence are needed to identify these threats before they begin, and quarantine attacks without taking entire servers offline, disrupting normal service.
Only 22% of education institutions surveyed prioritising monitoring and analysing DNS traffic to meet the compliance requirements of data regulations such as GDPR.
In addition, with the lowest adoption of network security policy management automation (8%) education is beginning to fall behind in too many key areas to quickly catch up.