Bristol Community College is a mid-sized public university located in Fall River, Massachusetts. The school employs more than 1,000 individuals and has over 11,000 students annually. The school houses an extensive amount of data for its employees and its students, and some of that data was put at risk by a recent breach. The data breach left many people involved with the school at risk of being exposed and suffering from identity theft attacks.

Whitworth University is a small private Christian university located in Spokane, Washington. The school manages information for more than 3,000 students each year, and all that data was put at risk when the school was hit by a ransomware attack. The unexpected attack caused the students to lose personal data and put them at serious risk of an identity theft attack. This university earns approximately $150 million in revenue annually and maintains a staff of over 720 people.

They may not end up in the headlines like breaches in other industries, but schools, colleges, and universities are also highly targeted by today’s threat actors and constantly under attack. According to Verizon’s 2022 Data Breach Investigations Report, the educational services sector experienced 1,241 incidents in 2021, with 282 involving confirmed data disclosure. Of those attacks, 75% were from external sources, while the remainder involved insiders.

The K-12 Report breaks down the cyber risks faced by public schools across the country and is sponsored by the CIS (Center for Internet Security) and the MS-ISAC (Multi-State Information Sharing & Analysis Center). Published “to prepare K-12 leaders with the information to make informed decisions around cyber risk”, the report provides a data-driven analysis of what went well, what could be better, and what exactly is threatening our K-12 schools.

Life as a university student can get pretty hectic. You’ve got classes to attend, assignments to complete, and notes to memorize ahead of exams. On top of that, you might be juggling a part-time job, extracurricular clubs, and a busy social calendar.

Over the past 24 hours, Cloudflare has observed HTTP DDoS attacks targeting university websites in Australia. Universities were the first of several groups publicly targeted by the pro-Russian hacker group Killnet and their affiliate AnonymousSudan, as revealed in a recent Telegram post. The threat actors called for additional attacks against 8 universities, 10 airports, and 8 hospital websites in Australia beginning on Tuesday, March 28.

In December 2022, the FCC opened a call for comment requesting stakeholders provide input on whether E-Rate program funds can be used to support advanced or next-generation firewalls and services, as well as other network security services. For those unfamiliar with the program, E-Rate is a Federal Communications Commission (FCC) program that provides funding to schools and libraries for telecommunications and internet services.

Tanium’s Doug Thompson explains how the education sector can respond to a new CISA report.

Ransomware’s new favorite victim is educational institutions. Ransomware attacks, that exploit targets utilizing malicious software code, have increased tremendously over the past few years. In addition to targeting business sectors, cybercriminals are now attempting to ambush the security posture of educational sectors. Educational institutions are an easy prey for ransomware attackers as they lack the fundamental elements of a secured network.

The HECVAT (Higher Education Community Vendor Assessment Tool or Higher Education Community Vendor Assessment Toolkit) is a security framework and template that higher education institutions can use to measure the security risks associated with potential or existing vendors. HECVAT is excellent for higher ed institutions because many third-party organizations tend to have structures and follow practices that lend themselves to increased cybersecurity risk.