75% of education sector attacks linked to compromised accounts – Help Net Security

69% of organizations in the education sector suffered a cyberattack within the last 12 months, according to Netwrix.

education sector account compromise

Phishing and account compromise threaten the education sector

Phishing and user account compromise were the most common attack paths for these organizations, while phishing and malware (such as ransomware) topped the list for other verticals. What’s more, 3 out of 4 attacks (75%) in the education sector were associated with a compromised on-premises user or admin account, compared to 48% for other sectors.

Security professionals know that it’s impossible to achieve full cybersecurity, which means that the remaining 32% had a very lucky year — or just haven’t discovered the incident yet.

Some cyberattacks have dire consequences, including freezing operations so long that the organization goes out of business, but most organizations survive the cyberattacks they experience.

Even though not every attack results in financial damage, some can be quite costly. Indeed, 16% of organizations estimated their financial damage from cyberthreats to be at least $50,000.

59% of organizations have a cyber insurance policy or plan to purchase one within 12 months. 28% organizations that have cyber insurance changed their security approach in order to reduce their premium — and 22% had to improve their security posture to even be eligible for the policy.

Top IT priorities

To build an effective security architecture, it is crucial to assess who poses a threat. It turns out that IT pros are almost equally concerned about their own employees and external adversaries. Considering that 43% of respondents cited employee mistakes or negligence as the main challenge to data security, it is no surprise that the internal threat is top of mind.

The three main IT priorities are the same for organizations of all sizes, including small businesses: data security, network security and cybersecurity awareness among employees.

“Organizations in the education sector handle variety of accounts — staff, third-party contractors, educators, students, alumni — that have a high turnover rate. Even if identity management is automated, it is a challenge to keep users trained on security best practices because there is a continual supply of newcomers,” says Dmitry Sotnikov, VP of Product Management at Netwrix. “In addition, students may lack experience in spotting phishing emails or fake websites asking for their credentials. To address these challenges, it is essential to mandate security training within the first few weeks and repeat it on a regular basis.”

“To enable research and collaboration, educational institutions often provide a variety of shared devices and systems exposed to the internet — creating a massive attack surface,” says Dirk Schrader, VP of Security Research at Netwrix. “To mitigate risk, it is crucial to enforce strong password policies that prevent the use of weak and compromised passwords, implement multifactor authentication (MFA), and adhere to the least privilege principle. In addition, automated detection and response solutions can help IT deal with account compromise and abuse in a controlled and efficient manner.”