AUSTIN, Texas – According to Microsoft’s Global Threat Activity tracker, 61 percent (nearly 4.8 million) of malware encounters reported within the past 30 days took aim at the education sector, making it the most affected industry. The business and professional services sector came in second with just under 1 million incidents.

Data from the K–12 Cybersecurity Resource Center, U.S. schools and districts publicly disclosed 348 cyber incidents in 2019.  This number was three times higher than in 2018. During the COVID-19 outbreak, the Federal Bureau of Investigation also issued a security alert about the threat of ransomware to schools.

With practically no time at all for planning or training, the March onset of COVID-19 forced the majority of the nation’s school districts, ready or not, to adopt a remote learning model. As cyberattacks continue to plague the education sector, academic institutions have once again been forced into an involuntary course on cybersecurity education.

Schools and students also face potential risks from third-party edtech firms that fail to appropriately secure data in their platforms. According to NordVPN Teams CTO, ‘’Systems have to be set up with adequate authentication and controls. Otherwise, they can become vectors for attack.  Without proper implementation, tools to access school networks remotely – even VPNs, password managers and remote desktop protocols – can all be hacked to gain unauthorized access and steal sensitive data.’’

Shifting to fully or partly online learning for the second time this year means educational institutions have to put extra effort in preparing their edtech. Cyberattack trends make it clear that most university lecturers are not properly trained in ICT or lack the knowledge to assist students in cyber security. Although school districts have already learned the lesson the hard way and have started trying to secure their data, their pace might still be too slow. Millions of teachers and students will make remote access attempts from various devices again this fall, opening the door for cybercriminals to act.

‘’Edtech and its infrastructure is not given the importance it is due. As governments attempt to address the public health crisis around the world and contain the spread of COVID-19, there is a very large chance criminals will continue to exploit this chaos, and that there will be another spike in cyberattacks against vulnerable targets. Educational institutions should focus on protecting their open networks and managing devices they don’t have control over,’’ reports the NordVPN Teams.