The Australian Education sector is among the many groups suffering an increase in cyber-attacks. The education and training sector was the highest reporting industry of ransomware incidents in the 2021-22 period. These incidents are attributed to the highly collaborative nature of the industry and the use of new software and personal devices.
Growing Cybersecurity Crisis
The predominant tactic leading these ransomware attacks involves phishing and user account compromise as the primary means of infiltration. Many of these attacks were found to be linked back to on-premise users or admin accounts. The utilisation of weak or compromised passwords significantly contributes to these cybercriminals’ means of infiltration. The frequency of these attacks only continues to pose a threat to this sector especially with the shift to a more technology-based environment.
Why are cybercriminals targeting them?
It may be surprising to many that this sector saw the highest reports of ransomware attacks. However, this sector holds incredibly high volumes of sensitive information for a range of individuals which is highly attractive to these cybercriminals. The collection of student, employee and related individuals’ data along with the constant influx of data that is brought along with new students significantly puts these educational organisations at risk. Furthermore, the prevalence of personal devices being used within these organisations increases their vulnerability to these attacks. Data that has been breached often include personal information, financial and medical records, and educational transcripts.
One notable attack occurred in late December 2022, with the Queensland University of Technology being victim of a cyber breach. QUT reported that a total of 11,405 individuals, including both former and current staff and students, had been impacted. Among the information access included tax file numbers, and bank account numbers.
Protecting the future of the Education sector
Australian educational organisations must take preventative action to protect their array of sensitive data. This can include mandatory education on cyberattacks for staff and students, implementing robust software and ensuring effective data retention and management practices are in place.
DataBench can mitigate the risk to these organisations with our robust automated solutions. Our Ransomware Detection and Recovery solution provides organisations with the ability to monitor activity in real time whilst proactively protecting and notifying you of suspicious activity. In today’s cyber landscape, no industry is immune, these attacks highlight the importance of remaining vigilant in safeguarding your organisation’s data.