3 out of 4 Cyberattacks in the Education Sector Are Associated with a Compromised On Premises User or Admin Account
Netwrix, a cybersecurity vendor that makes data security easy, today revealed additional findings for the education sector from its survey of 1,610 IT and security professionals from more than 100 countries.
According to the survey, 69% of organizations in the education sector suffered a cyberattack within the last 12 months. Phishing and user account compromise were the most common attack paths for these organizations, while phishing and malware (such as ransomware) topped the list for other verticals. What’s more, 3 out of 4 attacks (75%) in the education sector were associated with a compromised on-premises user or admin account, compared to 48% for other sectors.
Organizations in the education sector handle variety of accounts — staff, third-party contractors, educators, students, alumni — that have a high turnover rate. Even if identity management is automated, it is a challenge to keep users trained on security best practices because there is a continual supply of newcomers. In addition, students may lack experience in spotting phishing emails or fake websites asking for their credentials. To address these challenges, it is essential to mandate security training within the first few weeks and repeat it on a regular basis.
Dmitry Sotnikov, VP of Product Management at Netwrix
To enable research and collaboration, educational institutions often provide a variety of shared devices and systems exposed to the internet — creating a massive attack surface. To mitigate risk, it is crucial to enforce strong password policies that prevent the use of weak and compromised passwords, implement multifactor authentication (MFA), and adhere to the least privilege principle. In addition, automated detection and response solutions can help IT deal with account compromise and abuse in a controlled and efficient manner.
Dirk Schrader, VP of Security Research at Netwrix
To learn more about security trends, check out the complete 2023 Hybrid Security Trends Report.
Netwrix champions cybersecurity to ensure a brighter digital future for any organization. Netwrix's innovative solutions safeguard data, identities, and infrastructure reducing both the risk and impact of a breach for more than 13,500 organizations across 100+ countries. Netwrix empowers security professionals to face digital threats with confidence by enabling them to identify and protect sensitive data as well as to detect, respond to, and recover from attacks.
For more information, visit www.netwrix.com.
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170