Indian education sector biggest target of cyber threats: Report

The education sector in India is the most vulnerable to online attacks and cyber threats, a new study has revealed, ahead of the United States, United Kingdom, Indonesia and Brazil. The study conducted by Singapore-based company CloudSEK also shows an increase of 20 per cent in such attacks globally.

The report, titled ‘Cyber Threats Targeting the Global Education Sector’, was compiled by the Threat Research and Information Analytics Division of the Singapore-based CloudSEK, which manages digital risks to companies through artificial intelligence.

The report reveals that globally, the education sector saw 20 per cent more digital threats in the first 3 months of 2022, as compared to the same period in 2021. The reasons for this were the adoption of digital methods in remote learning during the covid pandemic.

Also Read | India has strong defence against cyber attacks: Power minister R K Singh

By 2025, CloudSEK data says, the global education and training market is expected to reach $7.3 trillion, a growth rate which has doubled from 2019 to 2025. A significant section of the growth, the report reveals, is in the ed-tech sector, especially in developing countries. This growth, in turn, has attracted several cybercriminals.

Over 58 per cent of the threats the company studied in Asia and Pacific were found in India or India-based educational institutions, followed by Indonesia which accounted for 10 per cent of the attacks. “This included attacks on BYJU's, IIM Kozhikode and Tamil Nadu's Directorate of Technical Education," the report said.

Also Read | Centre claims it foiled Chinese cyber-attack on disputed border

Apart from India, globally, the US attracted the highest number of such threats accounting for 86 per cent of threats in North America. “These include ransomware attacks on prestigious institutions such as Howard University and University of California. In addition, high-risk API vulnerabilities were uncovered in Coursera,” he report read.

Among the steps that the company has outlined for institutions to adopt to stop such attacks, is the not clicking on suspicious emails, messages and links; not downloading or installing unverified apps; using strong passwords and enabling multi-factor authentication (MFA) across all accounts.

“The institutions should block illegitimate IP addresses and deactivate port forwarding using network firewalls. They should perform real-time monitoring of the internet to identify and mitigate low-hanging threats, such as misconfigured apps, exposed data, and leaked accesses, that are leveraged by cybercriminals to carry out large scale attacks,” the report read.

Watch the latest DH Videos here: