3 in 4 Education Institutions Have Uncovered a Cyber Attack on Their Infrastructure in the Past Year

Seventy-seven percent of institutions across K-12 and higher education have identified a cyber attack on their infrastructure within the past 12 months, according to a new survey from cybersecurity company Netwrix. That represents a significant increase from 2023, when 69% of education organizations reported the same.

For its 2024 Hybrid Security Trends Report, Netwrix surveyed 1,309 IT and security professionals from a variety of industry sectors in 104 countries, to find out about their IT infrastructure, security challenges, and more. Education-specific survey results were released in a separate report, "Additional Findings for the Education Sector."

The most common attack vectors in education were phishing, user account compromise, and ransomware or other malware, the report found. Of the institutions that experienced a security incident, 47% reported facing unplanned expenses to fix security gaps, while 42% said they experienced no impact. Other cyber attack consequences included compliance fines (cited by 14% of respondents), change in senior leadership (11%), loss of competitive edge (11%), and lawsuits (10%).

Respondents were also asked about their biggest data security challenges. Fifty-one percent pointed to a lack of budget for data security initiatives; 47% said mistakes or negligence by business users; and 45% said an understaffed IT/security team.

"While educational institutions may have the same complexity as large organizations, they typically lack matching budgets and resources to deal with their dynamic environments," commented Ilia Sotnikov, security strategist at Netwrix, in the report. "It is crucial for the IT security teams in the education sector to have processes and tools in place to govern the identities, audit their activity, and monitor for any abnormal or malicious behavior."

For the full report, visit the Netwrix site here.

About the Author

Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].

Featured

  • horizontal stack of U.S. dollar bills breaking in half

    ED Abruptly Cancels ESSER Funding Extensions

    The Department of Education has moved to close the door on COVID relief funding for schools, declaring that "extending deadlines for COVID-related grants, which are in fact taxpayer funds, years after the COVID pandemic ended is not consistent with the Department’s priorities and thus not a worthwhile exercise of its discretion."

  • laptop and fish hook

    Security Researchers Identify Generative AI 'Vishing' Attack

    A new report from researchers at Ontinue's Cyber Defense Center has identified a complex, multi-stage cyber attack that leveraged social engineering, remote access tools, and signed binaries to infiltrate and persist within a target network.

  • Ativion StudentKeeper

    New Platform Combines Content Filtering, Classroom Management, Device Management Tools

    Ed tech, remote access, and cybersecurity solution provider Ativion has introduced StudentKeeper, an all-in-one platform that encompasses digital safety management, filtering, and reporting tools for supporting and protecting students.

  • A child surrounded by glowing, fluid virtual patterns and holographic shapes, illuminated in a dark gradient environment of blue, purple, and pink.

    ClassVR Gets Expanded VR/AR Content Library

    Avantis Education has announced a new content library for its ClassVR virtual and augmented reality platform. Dubbed Eduverse+, the library features four content suites — EduverseAI, WildWorld, STEAM3D, and CareerHub — that can be tailored to suit a variety of educational levels.