February 23, 2024 – Trustwave, a leading cybersecurity and managed security services provider, has released comprehensive research uncovering unique cybersecurity threats faced by education institutions. The report, “2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” explores industry-specific risks and equips cybersecurity leaders in the education sector with actionable insights and strategies to strengthen their defences.
Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for cyberattacks. These attacks not only threaten the safety and security of teachers and administrators, but they put the privacy of students, staff, and other associated entities at risk.
Trustwave SpiderLabs’ latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques, and procedures. The education sector faces significant cybersecurity risks, ranging from job offer scams targeting students to the critical exposure of networked devices due to vulnerabilities in public-facing applications.
Kory Daniels, chief information and security officer, Trustwave, said, “The education sector faces an incredible challenge in navigating a diverse and fluid attack surface with increasing financial pressures, leaving little room for error as digital leaders aim to sustain resilience to threats.
“Student, staff, alumni, and professor data each provide different lures and motivators for threat actors to maliciously target the institution, or the individuals affiliated. Our latest threat briefing serves as a vital resource for cyber defenders, equipping them with actionable insights in navigating the latest threats and defences of their students, staff, and data.”
The Trustwave SpiderLabs report analyses threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. A few key findings from the report include:
- The threat group LockBit accounted for 30 per cent of ransomware incidents targeting the education sector.
- Apache Log4j (CVE-2021-44228) continues to be the most common exploit attempt against educational institutions, accounting for 74 per cent of attempts.
- There is significant exposure of critical systems and devices with 1.8M devices related to the education industry being publicly exposed.
To access the full Trustwave SpiderLabs threat report, “2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” please click here.
About Trustwave
Trustwave is a globally recognised cybersecurity leader that reduces cyber risk and fortifies organisations against disruptive and damaging cyber threats.
Trustwave’s comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimises its client’s cyber investment, and improves security resilience. Trusted by thousands of organisations worldwide, Trustwave leverages its world-class team of security consultants, threat hunters, and researchers, and its market-leading security operations platform to decrease the likelihood of attacks and minimise potential impact.
Trustwave is an analyst-recognised leader in managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team provides industry-defining threat research, intelligence, and threat hunting, all of which are infused into Trustwave services and products to fortify cyber resilience in the age of inevitable cyber-attacks.
For more information about Trustwave, please visit: https://www.trustwave.com/en-us/
