Microsoft: BYOD, QR Codes Lead Rampant Education Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security

Microsoft: BYOD, QR Codes Lead Rampant Education Attacks


The average higher education institution is getting hit once a week now, and as one Oregon State University attack shows, the sector often lacks the resources to keep pace.


The education sector is facing thousands of cyberattacks per week these days — especially universities, a good portion of which experience at least one incident per week.
Education was the third most targeted industry in second quarter of 2024, according to Microsofts latest Cyber Signals report. This finding corroborates data from Check Point Software, indicating that the education and research sectors now face
more than 2,500 attacks weekly
, up 15% over the past couple of years.
The US has it the worst, but schools and related organizations across the world face
the same sorts of risks
. In Europe, for example, 43% of institutes of higher education report experiencing
a cyber incident at least once a week
, if not more often. Schools for earlier age groups faced significantly less frequent attacks (13% to 16%).
As Microsoft explained, education makes for a uniquely soft target, combining the vulnerabilities, blind spots, and legacy infrastructure issues endemic to various other major industries, but all in one package.
Schools — in particular, universities — tend to combine the functions of many kinds of organizations in one package.
A university is also a financial institution with lending capabilities (sometimes even more the latter than the former), and a healthcare and housing provider to its students and faculty. Schools at every level host payment processing systems, websites and email domains, and networks that, especially since the COVID-19 pandemic, can resemble Internet service providers. They employ food service and athletics staff, and host events. They might be in possession of potentially sensitive research data, and all of them have to manage the full spectrum of personally identifiable information (PII) belonging to usually thousands of people at once.
It follows, then, that educational institutions enjoy all of the cybersecurity challenges any other industry faces. New and legacy technologies commingle. Public schools struggle with funding. Cybersecurity talent is tough to find and retain. Students and teachers bring their own devices on and off campus every day, each one potentially carrying malware. And virtual learning extends the attack surface outward.
In some ways, these issues affect schools to a greater degree than they do other industries. For instance,
bring your own device (BYOD) risk
is one thing in a corporate environment, where employees can be educated in cyber-risk, but its an entirely different beast at schools, where those devices belong to children.
Or, consider QR codes. According to Microsofts telemetry, more than 15,000 malicious phishing and spam messages are directed to educational institutions every day, with so-called
quishing on the rise
.
In open and collaborative environments like schools, defenses that typically would be in place to help reduce the noise and create more effective defenses dont always work, explains Corey Lee, security chief technology officer (CTO) for Microsofts M365 Security.
Schools tend to pass around lots of QR codes, but lack the same rigor in vetting the messages they travel with. A lot of that has to do with the fact that email filters are not the same in education environments. Post-detection and response capabilities arent always the same in education environments. So when we have business email compromise attacks that use advanced lures like QR codes, it becomes very hard to detect and respond to, Lee says.
In 2021, Oregon State University experienced a cyberattack unlike anything before, Microsoft wrote. In the aftermath, it established its own security operations center.
A number of universities have done the same, or more. Louisiana State University (LSU), the University of Cincinnati, and California Polytechnic State University all operate SOCs. In Texas, the states Department of Information Resources (DIR) oversees a
Regional Security Operations Center
in collaboration with Angelo State University in San Angelo.
Education, as a sector, doesnt necessarily have lots of advanced personnel just sitting around, not doing anything. Oftentimes, [security staff] wear multiple hats, and theyre limited, Lee explains. Luckily, universities have a significant, untapped pool of potential talent waiting to be activated.
The challenge oftentimes is being addressed by scaling through students — being able to activate students to help them join in on the fight and be effective and efficient security defenders for the school.
Student-staffed SOCs serve multiple functions at once: not only helping to protect universities, but also other nearby educational, government, or even private organizations, all while training a new generation of cybersecurity talent. As Lee says, Theyre helping to address the security skill shortage, while defending home base.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Microsoft: BYOD, QR Codes Lead Rampant Education Attacks