Education Sector Sees Massive Surge in Intrusions
A new threat
report from data security firm CrowdStrike
found that criminals engaging in intrusion into information systems
are getting much more efficient at what they do. It also found that
intrusions into academic systems are soaring.
The report, Nowhere
To Hide, 2021 Threat Hunting Report: Insights from the CrowdStrike
Falcon OverWatch Team, found that, on the efficiency side, it
takes an intruder significantly less time to begin moving into other
systems on the network once they've made the initial breach — now
just 1 hour and 32 minutes, down from four hours and 37 minutes in
the previous report, released in 2020. And in some sectors, that
average is at less than 30 minutes.
The report is based on "data from CrowdStrike
Falcon OverWatch, CrowdStrike’s … managed threat hunting
team, with contributions from CrowdStrike Intelligence and Services
teams, and provides an inside look at the current threat landscape,
notable adversary behavior and tactics, and recommendations to
increase cyber resiliency."
As far as the education is concerned, the sector saw an 80% surge in
intrusions from this time last year and increased its overall share
of intrusions to 5%, ranking sixth by vertical sector. (The largest
vertical sector, technology, made up 17% of total intrusions,
followed by telecommunications at 12%.) Education ranked fifth in
targeted intrusions.
“Over the past year, businesses faced an unprecedented onslaught of
sophisticated attacks on a daily basis. Falcon OverWatch has the
unparalleled ability to see and stop the most complex threats —
leaving adversaries with nowhere to hide,” said Param Singh, vice
president of Falcon OverWatch, CrowdStrike, in a prepared statement.
“In order to thwart modern adversaries’ stealthy and unabashed
tactics and techniques, it’s imperative that organizations
incorporate both expert threat hunting and threat intelligence into
their security stacks, layer machine-learning enabled endpoint
detection and response (EDR) into their networks and have
comprehensive visibility into endpoints to ultimately stop
adversaries in their tracks.”
Further details about the findings
can be found on CrowdStrike's site.