What Is Driving the Increase in Cyberattacks in Higher Education?
Two ransomware gangs were behind much of the increase, Malwarebytes concludes, with LockBit and Rhysdia, formerly known as Vice Society, responsible for more than 100 attacks. The five most active gangs accounted for 81 percent of all attacks on education institutions.
LockBit, which Malwarebytes describes as the “most prolific ransomware gang throughout 2023,” was taken down by a multinational law enforcement effort in late February, although it’s unclear what impact that will have on future attacks in higher education.
In addition to ransomware gangs, Malwarebytes cautions against an increase in “big game” attacks, which come with weeks of planning and preparation by the attackers and ask for huge ransoms, often with the assistance of Ransomware as a Service code. A Coveware study reports that the global average ransom payment made in the second quarter of 2023 was $740,144, which was a 126 percent jump from the first quarter and by far the highest amount Coveware has reported since at least 2018.
The full Malwarebytes report also spotlights the continued use of malicious advertising (sometimes called malvertising), where cybercriminals impersonate reputable businesses to breach secure networks. Tactics include posing as popular brands or business tools and asking users to download what appears to be legitimate software but is, in fact, malware.
The rise in cyberattacks reaffirms the focus many higher education institutions are placing on security, which again ranked No. 1 on the annual EDUCAUSE Top 10 list of issues facing colleges and universities. In response, institutions are exploring the potential of zero-trust security frameworks, focusing on identity and access management, and even turning to virtual CISOs, among other tactics.
Editor's note: This article was originally published on March 21, 2024.
