On 18-20 September Kaspersky will participate in the annual PURCON conference in Johannesburg that gathers over 600 participants including higher education procurement, finance, ICT and facilities management. Ahead of the event Kaspersky experts share an overview of cyberthreats targeting the education sector, as well as cybersecurity guidelines and best practice measures for organisations within this sector.

According to Kaspersky experts, the top cyberthreats to educational organisations include the following:

  • Ransomware attacks, where threat actors encrypt files and demand payment for the decryption key. These attacks can severely disrupt operations, making critical data and systems inaccessible or leading to data loss. Last year one of the largest universities in Australia, the University of Queensland, experienced a ransomware incident that disrupted access to academic and administrative systems.
  • Data breaches, meaning unauthorised access to sensitive data, which can occur through hacking or insider threats and can lead to exposure of personal and financial information, identity theft, and legal and regulatory consequences. For example, last year Stanford University in the U.S. reported a data breach involving PhD program application information of 897 people.
  • Phishing attacks involve deceptive emails or messages that trick individuals into divulging sensitive information, such as login credentials or financial details, which can further lead to financial losses and data breaches. Kaspersky recently disclosed information on phishing campaigns targeting students and educators.

Other cyberthreats worth mentioning are insider threats from individuals within the organisation, such as employees or contractors; distributed denial of service (DDoS) attacks, in which a network or website is overwhelmed with a flood of fake traffic, causing it to become slow or completely unavailable; and malware and exploits of software vulnerabilities, designed to damage or gain unauthorised access to systems and data.

“Educational institutions have become a target of cyber attackers, especially those spreading ransomware and phishing, because of the importance of the continuation of educational processes and the possession of valuable data (personal, financial information, scientific research, etc.). The attack surface has also increased for these organisations due to remote and hybrid learning environments. This highlights the need for robust cybersecurity solutions unified by a single management platform for this sector. At the same time, attention should be paid to both the technical and human side of cybersecurity that involves policies and trainings among other measures,” says Yuraisha Mari, Enterprise Group Manager, Africa, Kaspersky.

Kaspersky experts share a detailed guideline for organisations in the education sector on how to stay safe from cyberthreats:

  • Have multi-layered security solutions for endpoints, network and cloud systems.
  • Keep all software up-to-date.
  • Develop and mandate security policies for all users.
  • Utilise multi-factor authentication beyond just passwords for accessing critical systems and sensitive data.
  • Implement access controls and update access policies for employees who leave the organisation or move to a different position.
  • Encrypt sensitive data both in transit and at rest, to protect it from unauthorised access.
  • Regularly back up critical data and ensure that backups are stored securely and tested for integrity.
  • Arrange professional training for IT staff, who should keep track of emerging threats and best practices.
  • Educate all users on issues such as recognising phishing attempts, safe handling of sensitive data, and proper use of IT resources. Dedicated training courses such as the ones provided in the Kaspersky Automated Security Awareness Platform can assist.
  • Conduct cybersecurity audits.
  • Prepare and regularly update incident response plans to quickly address and mitigate the effects of any cybersecurity incidents.
  • If you become a victim of ransomware, do not pay the ransom. Paying won’t guarantee you get your data back but will encourage cybercriminals to continue their activities. Instead, report the incident to your local law enforcement agency. Try to find a decryptor on the Internet, for example at www.nomoreransom.org.

The Kaspersky stand at the PURCON 2024 conference is located in the L3 sector, and a keynote titled “Cybersecurity Threat Landscape in the Education Sector, and how to establish Cyber-immunity” will take place on Thursday, September 19, 2024 at 15h30.