Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past 24 hours, Cloudflare has observed HTTP DDoS attacks targeting university websites in Australia. Universities were the first of several groups publicly targeted by the pro-Russian hacker group Killnet and their affiliate AnonymousSudan, as revealed in a recent Telegram post. The threat actors called for additional attacks against 8 universities, 10 airports, and 8 hospital websites in Australia beginning on Tuesday, March 28.

In December 2022, the FCC opened a call for comment requesting stakeholders provide input on whether E-Rate program funds can be used to support advanced or next-generation firewalls and services, as well as other network security services. For those unfamiliar with the program, E-Rate is a Federal Communications Commission (FCC) program that provides funding to schools and libraries for telecommunications and internet services.

Tanium’s Doug Thompson explains how the education sector can respond to a new CISA report.

Ransomware’s new favorite victim is educational institutions. Ransomware attacks, that exploit targets utilizing malicious software code, have increased tremendously over the past few years. In addition to targeting business sectors, cybercriminals are now attempting to ambush the security posture of educational sectors. Educational institutions are an easy prey for ransomware attackers as they lack the fundamental elements of a secured network.

The HECVAT (Higher Education Community Vendor Assessment Tool or Higher Education Community Vendor Assessment Toolkit) is a security framework and template that higher education institutions can use to measure the security risks associated with potential or existing vendors. HECVAT is excellent for higher ed institutions because many third-party organizations tend to have structures and follow practices that lend themselves to increased cybersecurity risk.

Sometimes in the comms team here at Netskope I hear fantastic tales that are not yet approved for public consumption. The frustration is very real when I hear of a creative customer implementation that cannot yet be told to the wider world. But today I have contrived a clever way to be able to share one of these stories with a veil of anonymity, ahead of a bigger effort to craft a case study for full public consumption.

‍HECVAT (Higher Education Community Vendor Assessment Toolkit) is a security assessment questionnaire that measures the cybersecurity risk of third-party vendors for higher education institutions. It helps universities ensure that their third-party vendors have implemented proper security practices and policies, which are measured against a comprehensive list of security controls, to protect the large amounts of sensitive data and personally identifiable information (PII) they manage.

K-12 school districts in the U.S. are struggling with cybersecurity. According to an October 2022 GAO report, ransomware attacks have cost schools up to three weeks of missed learning. The GAO also noted that recovery can take as long as nine months. In January 2021, 3,000 K-12 public schools in the U.S. were victim to a large-scale worldwide cyberattack.