Cybercriminals are now preying on educational institutions across Southeast Asia (SEA) that have been forced to shift to remote or hybrid learning environments, according to security firm Kaspersky.
Globally, the total number of distributed denial of service (DDoS) increased by 80% in Q1 2020 when compared to Q1 2019. Moreover, attacks on educational resources accounted for a large portion of this growth.
Between January and June 2020, the number of DDoS attacks affecting educational resources increased by at least 350% when compared to the corresponding month in 2019.
In DDoS attacks, cybercriminals attempt to overwhelm a network server with requests for services so that the server crashes — denying users access. DDoS attacks are particularly problematic because they can last anywhere from a couple of days to a few weeks, causing disruptions to organizations’ operations and — in the case of educational resources — denying students and staff access to critical materials.
The Kaspersky Security Network (KSN) also showed a steep surge in the number of users in SEA who faced threats disguised as e-learning and videoconferencing platforms during the first three quarters of 2020. Applications and tools include Moodle, Zoom, edX, Coursera, Google Meet, Google Classroom, and Blackboard.
From just 131 affected users in January to March 2020, the second quarter saw 1,483 users in SEA experienced online threats related with virtual education and online video conferencing applications — a 1032% increase in a per quarter comparison. The cybersecurity company also monitored a slight decrease to 1,166 users almost infected with malware in the third quarter.
It can be noted that most of the lockdown measures in SEA were implemented in the later part of March. As Covid-19 cases declined, some countries like Vietnam and Thailand were able to relax their restrictions after the second quarter of the year.
“The four-digit rise in the number of users we’ve secured from various threats online prove that cybercriminals are well aware of the new loopholes they can exploit to victimize the already stressed educational sector. This forced but needed online transition has already left educators overwhelmed and anxious, which also means they are more vulnerable to falling prey against old but effective social engineering tricks such as phishing and scams,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.