Twenty-six percent of education respondents in a new survey reported daily or weekly cyber attacks in 2016, and 98 percent of all responding organizations experienced cyber attacks in 2016.
The 2016-2017 Global Application & Network Security Survey from cyber security company Radware reveals that while cyber ransom proves the easiest and most lucrative tool for cyber criminals, almost all ransom events have a different attack vector, technique or angle.
Ransom attacks are the most prevalent, increasing from 25 percent of attacks in 2015 to 41 percent of attacks in 2016. The report attributes the increase to the lucrative nature of such a “business.”
Twenty percent of education respondents reported monthly cyber attacks, 31 percent reported 1-2 per year, 4 percent said they have never experienced a cyber attack, and 19 percent were unsure.
The report characterized the education industry at a “medium likelihood” for cyber attacks, along with the retail and health industries.
But of all sectors, education is the most vulnerable to cyber attacks, scoring the lowest in terms of being extremely or very well prepared to defend against various attacks.
(Next page: Emerging threats and key cyber security predictions)
Fifty percent of education respondents are extremely or very well prepared to protect themselves against malware and bots, including worms, viruses and span. Forty-three percent are prepared to fight distributed denial of service (DDoS), 37 percent are prepared to fight web application attacks, 28 percent are prepared to fight social engineering attacks such as phishing, 20 percent are prepared to combat ransomware, and 28 percent are equipped to fight advanced persistent threats.
The education industry faced more challenges this year because vendors on the Darknet began offering school hacking services, according to the report. In 2016, 444 school networks in Japan went offline as a result of a massive cyber-attack. Hacking services found on the Darknet make it increasingly easy for non-hackers to carry out an attack or cause damage to a school’s resources.
In addition, a potential attacker can rent a botnet or a stresser service for as little as $20 in Bitcoin and launch the attack themselves. In most cases, the report notes, it’s either a student looking to delay a test or manipulate the registration process or a personal attack against the school by a student or staff member.
Key predictions from the report include:
- With the code for the Mirai IoT Botnet now available to the public, novice and sophisticated hackers are already adjusting and “improving” the code’s capabilities based on their needs. In 2017, exponentially more devices are expected to become targeted and enslaved into IoT botnets. IoT device manufacturers will have to face the issue of securing their devices before they are brought to market, as botnet attacks from these devices can generate large-scale attacks that easily exceed 1 Tbps.
- Cyber ransom is the fastest-growing motive and technique in cyber-attacks, as most phishing attempts now deliver ransomware. Today, threat actors focus their ransom attacks to target phones, laptops, company computers, and other devices that are a daily necessity. In the future, they may target lifesaving healthcare devices like defibrillators.
- Rise of Permanent Denial of Service (PDoS) for Data Center and IoT Operations: Also known loosely as “phlashing” in some circles, PDoS is an attack that damages a system so badly that it requires replacement or reinstallation of the hardware itself. While these attacks have been around for a long time, they only appear sporadically. However, they can do a tremendous amount of damage. Radware predicts that more threat actors will target the destruction of devices via PDoS attacks in the coming year.
- Telephony DoS (TDoS) is expected to rise in sophistication and importance, catching many by surprise. Cutting off communications during crisis periods could impede first responders’ situational awareness, exacerbate suffering and pain, and potentially increase loss of life.
- Public transportation held hostage. From trains and planes to buses and automobiles, entire systems of transportation are becoming self-guided. This automation is meant to provide increased safety, improved reliability, and higher efficiencies. Most of this critical infrastructure may be vulnerable to threat actors looking to hijack public transportation or lock the system down with ransomware.
“Threat actors have a single focus, to develop the best tools possible to either disable an organization or steal its data,” said Carl Herberger, Vice President of Security Solutions at Radware. “Businesses focus on delivering the highest value to their customers. In order to deliver that value, security must be woven into the customer experience for a company to truly succeed. Without this change in thinking, organizations will remain vulnerable.”