Strong growth of cyber threats in the education sector in 2024

Schools and universities, with their treasure trove of sensitive data and often insufficient cyber security measures, have become prime targets for cyber criminals. This is according to the latest report by Check Point Research, the Threat Intelligence division of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of artificial intelligence-based and cloud-delivered cyber security platforms, which found that the education sector was the most targeted by cyber attacks in 2024. The data also showed a disparity when comparing sectors and differences across geographic regions.

From the beginning of the year to the end of July, the education/research sector was the most targeted sector globally, with an average of 3,086 attacks per organisation, per week. This is a 37 per cent year-on-year increase compared to the second most targeted sector, government/military.

The Apac region recorded the highest number of cyber attacks against organisations in the Education/Research sector since the beginning of the year, with 6,002 weekly attacks per organisation. North America recorded the highest year-on-year increase, with a 127% increase.

India is the most targeted country in the education/research sector, with 6,874 weekly attacks per organisation, a 97% year-on-year increase. Other notable variations include Germany (+66%) and Portugal (+66%).India appears to be experiencing the most attacks mainly due to the rapid adoption of distance learning, fuelled by lockdowns caused by Covid and the continued digitisation of education, which have created lucrative opportunities for cybercriminals looking for personally identifiable information (PII) to sell on the Dark Web. In addition, the proliferation of these online learning platforms, aimed at everyone from pre-school children to retired professionals, has increased cyber risks. Schools and universities often do not place sufficient emphasis on cyber security, leaving their networks vulnerable. The different groups involved in these educational networks - including students, teachers, parents and education professionals - further widen the attack surface, providing multiple weak points for malware insertion and unauthorised access to financial data and PII.
In Italy, the situation appears to be worrying with an average number of attacks per week of 4,730, or more than 53% compared to the global average, and a growth of +40% compared to last year.

Part of the interest is the huge amount of personal data stored by educational institutions. Most companies tend to have only employees, whereas in schools, colleges and universities there are not only employees such as teachers and lecturers, but also students. With such a large number of people, the networks in the sector are much larger, more open and more difficult to protect. It also means that there is a lot of personally identifiable information (PII) that can be used for financial purposes.Students are not employees bound by strict corporate guidelines on appropriate access to networks. They bring their own devices to schools and campuses, work from shared accommodation with students and connect to free public Wi-Fi without thinking about security risks. This combination helped create the perfect storm.