Threat actors are increasingly targeting K-12 districts with cyberattacks, resulting in triple-digit spikes in malware, ransomware, encrypted threats, and IoT attacks. The COVID-19 pandemic has accelerated the growth of technology in K-12 schools, leading to a substantial increase in their dependence on technology. Unfortunately, schools’ adoption of new hardware and software has often outpaced their districts’ ability to secure this new infrastructure, resulting in an attack surface that has continued to grow in size and appeal to attackers.
A recent report from SonicWall has revealed that education institutions have experienced a significant increase in Internet of Things (IoT) attack volume, with a 146% rise in 2022 compared to the previous year. This increase in malicious actions targeting technologies with IoT is due to the digital transformation of business verticals, many of which are still immature in cybersecurity. In recent years, attacks targeting sensors have grown by 87%. Some IoT markets, especially those related to the industry, have historically used technologies to protect against production and interconnectivity attacks, but other sectors have been slower to realise the risks to which their IoT technologies are exposed.
According to the report, the rise in IoT technologies in the hands of users and corporations has raised the complexity of protection beyond what information security teams are capable of monitoring. Brogiato, Country Manager of SonicWall, highlights that technology companies focus on delivering something beneficial to the customer without giving enough consideration to the security of the device. There are now many handsets on the market, making it easy for cybercriminals to identify manufacturers and to use resources to plan intrusions. In the executive’s view, the increased use of IoT technologies in the hands of users and corporations raised the complexity of protection beyond what IS teams were able to monitor. In the quest to warm up the market with new solutions, companies that supply IoT technologies did not know how to properly coordinate product development with Information Security.
According to the Government Accountability Office (GAO), roughly 1,847,000 students in the United States alone have been impacted by ransomware attacks since the beginning of 2020. Since the latest data available only goes through the end of 2021, this number, in reality, is much higher. Combining these smaller figures with data released by the U.S. Census Bureau, this works out to 1 in 26 K-12 students in the U.S. affected in just a two-year period.
This issue is not limited to the United States. According to a recent audit by the National Cyber Security Centre (NCSC) and the National Grid for Learning, nearly 80% of schools in the United Kingdom have experienced at least one cyberattack. In late 2022, Ontario, Canada, was shaken by the news of two widespread cyberattacks on educators within a two-week period.
The SonicWall Cyber Threat Report revealed massive year-over-year volume increases in attacks on K-12 districts as threat actors continued to shift away from government, healthcare, and other industries to zero in on education targets. In 2022, SonicWall observed a 275% increase in ransomware attacks on education customers overall, including an 827% spike in attacks on K-12 schools. This growth echoed trends observed in the overall malware attack volume: Out of a 157% increase in attacks on education customers overall, the subset of K-12 customers experienced a 323% increase in overall malware attacks.
These attacks primarily target technologies with the Internet of Things (IoT), and they have increased in recent years due to the Digital Transformation of business verticals that are not very mature in cybersecurity. According to SonicWall’s data, malware attacks targeting IoT-based technologies remained a trend for years to come, and in 2022 alone, malicious actions targeting sensors grew by 87%.
To counteract these threats, Cybersecurity professionals need to prioritise their defences and work on prioritisation capabilities when choosing the right protection for internal assets. An in-depth analysis of risk levels of IoT-based technologies can assist in this decision. Any investment that cannot be included in the prioritisation should be shared with the organisation’s managers to ensure they are fully aware of the decision taken by the leader in Cyber. This transparency will enable C-Level management to plan for recovery should the worst happen in an IoT environment, including the company’s recovery capacity and the time needed to apply a defence strategy.
