Skip to main content
Add as a preferred source on Google


Education Networks Largely Spared in DDoS Escalation

Dedicated denial of service (DDoS) attacks were up by double digits in the first half of 2021. But somehow schools, colleges and universities, despite being favorite targets for ransomware and various other forms of malware, have been by and large overlooked — even as DDoS becomes a companion tool in ransomware incidents.

According to a report released this week by network security company NetSCOUT, everything about DDoS attacks increased in the first half of the year.

  • The total number of attacks increased to 5.35 million, up 11% over the same period last year;

  • The average duration increased to 50 minutes, up 31%;

  • The largest attack in terms of bandwidth was 1.5 Tbps (against a German ISP), up 169% over the largest attack in the first half of last year; and

  • The fastest attack was 675 Mpps (million packets per second), targeted at a Brazilian broadband user and likely related to online gaming, up 16.17%.

In total there were four terabit-class DDoS attacks (none of them against a target in the United States).

According to the report, DDoS is increasingly being used as part of ransomware (as well as stand-alone extortion) campaigns, with actors using encryption and data theft, then adding more pressure on the IT/security organization through DDoS.

Amid all of this, however, the report noted that education didn't even crack the top 10 as a target. In addition, education (including both K–12 and higher ed) made up less than a third of a percentage point of all bottled nodes (defined as "devices/systems that have been compromised by malicious bot software") used in DDoS attacks in the first half of the year (0.3%), well behind businesses (at 4.47%), hosting services (8.45%), mobile (11.57%) and ISP (75.22%).

According to the report: "This is probably due to more stringent control over what devices are allowed on the network in these institutions. The top three source network profiles were ISP, mobile, and hosting, where device control is nearly nonexistent. That lack of control means that those ISP and mobile numbers really represent compromised subscribers."

The complete report, the NetSCOUT Threat Intelligence Report 1H 2021, can be found on NetSCOUT's site and is available in both interactive versions and static PDFs, which includes many additional statistics, best practices and further explanations of attack vectors and operating systems.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • cyber security padlock

    Report: AI Adoption Forces Trade-Off Between Speed and Identity Security

    AI adoption is forcing enterprises to trade security for speed β€” and identity controls are the first casualty, according to a new report from Delinea, a provider of identity security solutions for both human and AI agent identities.

  • teacher holding laptop in the class at school

    80% of Teachers Are Using AI Tools in the Classroom

    In a recent survey by PreK-12 marketplace TPT, 80% of educators reported using generative AI tools in their classrooms. The majority (58%) said they use AI regularly or occasionally, while 22% have tried it once or twice.

  • person typing on a touch screen schedule plan calendar

    Deadline Extended for ADA Title II Compliance

    Schools working to meet the Americans with Disabilities Act Title II regulations for digital accessibility have received a temporary reprieve: The United States Department of Justice has published an interim final rule to push back the compliance deadline by one year.

  • abstract cybersecurity data protection

    Rubrik Announces Google Workspace Data Protection

    Rubrik has introduced Rubrik Data Protection for Google Workspace, a product the company said is designed to help enterprise customers protect data and restore operations across Google Workspace environments.