Cybersecurity Reports See Rise in Education Risks

mobile phone with security icon

Two cybersecurity reports that highlight mobile device risks — one from Verizon and the other from NetScout Systems — have also touched on the education sector in their findings.

Verizon's "Mobile Security Index 2020" reported that two in five public sector organizations (39 percent) admitted to suffering a compromise involving a mobile device in the last year. But the most likely segment within those sectors to be hit was education, where 44 percent of schools acknowledged they'd been compromised through a mobile device breach.

The Verizon public sector survey was based on responses from around 175 people (the number in education wasn't specified), all of whom served as "senior professionals" in charge of mobile device "procurement, management and security."

When they were asked whether they had "ever sacrificed the security of mobile devices to get the job done," a third (36 percent) acknowledged that they had done so. And those organizations were 2.2 times as likely to have been compromised.

Insider threats were the biggest concern for these respondents. Seventy-one percent said they thought employees were their greatest risk when it came to mobile devices.

As the report's authors noted, these organizations were "failing to take" even basic precautions. Fewer than half (46 percent) reported that default or vendor-supplied passwords were changed. Just 51 percent said they encrypted sensitive data when it was sent across public networks. And about two-thirds (64 percent) admitted that they "personally" used public WiFi networks for work, even when nearly four in 10 organizations had policies prohibiting the practice.

The NetScout Threat Intelligence Report took a different tack for its findings — analyzing the data generated from its own systems. The latest report covered the "global threat landscape" for the last half of 2019.

According to the company, education organizations have come "under increased pressure from attackers." The frequency of attacks grew by 41 percent in this sector. The "max" DDoS attack size jumped 58 percent for technical and trade schools specifically and six percent for colleges.

On the mobile front, across the board in all kinds of organizations, mobility hits were on the rise. Distributed Denial of Service (DDoS) attacks against mobile networks were up 64 percent from the second half of 2018 to the second half of last year.

The report said that the increase was probably due to two reasons: the increased popularity of gaming on mobile devices with 4G and LTE connectivity; and the tendency of gamers especially in Asian countries to use their phones as wireless hotspots. "As gaming continues to be a prime motivation for DDoS attacks, adversaries naturally follow their targets, further leading to the growth in attacks," the report stated.

The report explained that mobile malware was useful to attackers because it provides a "window into the mind of the user." As the report stated, "mobile devices often contain invaluable personal and professional communications, sensitive documents and other accesses into privileged environments. They can provide a glimpse into where a user has been and track current movements."

Even as mobile phones are becoming the only computer that many people have, just half bother to take steps to protect them, "making it shockingly simple" for advanced persistent threat groups to "deploy and use mobile malware."

Both reports encouraged organizations to take a stand against mobile risks by covering the basics (patching and restricting data access on a "need-to-know" basis) and the more complicated (encrypting data sent over unsecured networks and educating users on the problems they face in using public WiFi).

Both the Verizon and NetScout reports are available on their respective websites (registration required).

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • SXSW EDU

    3 Opportunities to Get Hands-on with AI at SXSW EDU 2025

    This March 3-6 in Austin, TX, the SXSW EDU Conference & Festival celebrates its 15th year of exploring the most critical issues in education and providing a forum for creativity, innovation, and expression.

  • glowing AI text box emerges from a keyboard on a desk, surrounded by floating padlocks, warning icons, and fragmented shields

    1 in 10 AI Prompts Could Expose Sensitive Data

    A recent study from data protection startup Harmonic Security found that nearly one in 10 prompts used by business users when interacting with generative AI tools may inadvertently disclose sensitive data.

  • futuristic VR goggles with blue LED accents, placed in front of a fantastical landscape featuring glowing hills, a shimmering river, and floating islands under a twilight sky

    Los Angeles Unified School District Adopts VR Learning Platform, Resources

    Los Angeles Unified School District (LAUSD) recently announced a partnership with Avantis Education to bring educational virtual and augmented reality (VR/AR) solution ClassVR to its students. A news release reports that the district has already deployed more than 16,000 ClassVR headsets as part of the Los Angeles Unified Instructional Technology Initiative.

  • A glowing crystal ball with a modern school building inside, surrounded by numerous holographic symbols including a gear, book, laptop, lightbulb, cloud icon, smartphone, and circuit pattern, on a gradient blue and white background.

    Ed Tech Wishes and Worries for 2025

    How will evolutions in education technology impact schools and districts in the coming year? Here's what the experts told us.