Threats Disguised as eLearning Platforms Rise in Southeast Asia
Until a vaccine is made available for the general public, educational institutions across the Southeast Asian (SEA) region are forced to adapt to this unprecedented situation. The COVID-19 pandemic has required education and learning institutions to utilize remote and hybrid learning environments — with little to no preparation at all to most. Setting aside the technical aspects of this “new normal” in learning, cybercriminals are also preying on players in this industry now more than ever.
The total number of DDoS attacks increased by 80% in Q1 2020 globally when compared to Q1 2019. Moreover, attacks on educational resources accounted for a large portion of this growth. Between January and June 2020, the number of DDoS (Distributed Denial of Service) attacks affecting educational resources increased by at least 350% when compared to the corresponding month in 2019.
Cybercriminals attempt to overwhelm a network server with requests for services so that the server crashes — denying users access. DDoS attacks are particularly problematic because they can last anywhere from a couple of days to a few weeks, causing disruptions to organizations’ operations and — in the case of educational resources — denying students and staff access to critical materials.
A steep surge in the number of users in SEA who faced threats disguised as e-learning and videoconferencing platforms during the first three quarters of 2020 according to the Kaspersky Security Network (KSN). Applications and tools include Moodle, Zoom, edX, Coursera, Google Meet, Google Classroom, and Blackboard.
From just 131 affected users in January to March 2020, the second quarter saw Kaspersky solutions protecting 1,483 unique users in SEA against online threats related to virtual education and online video conferencing applications, a 1032% increase in a per quarter comparison. The global cybersecurity company also monitored a slight decrease to 1,166 users almost infected with malware in the third quarter.
It can be noted that most of the lockdown measures in SEA were implemented in the latter part of March. As COVID-19 cases declined, some countries like Vietnam and Thailand were able to relax their restrictions after the second quarter of the year.
“The four-digit rise in the number of users we’ve secured from various threats online prove that cybercriminals are well aware of the new loopholes they can exploit to victimize the already stressed educational sector. This forced but needed online transition has already left educators overwhelmed and anxious, which also means they are more vulnerable to falling prey against old but effective social engineering tricks such as phishing and scams,” according to Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“To help them, we at Kaspersky offer solutions and cybersecurity training to empower teachers and school administrators in building their technical and behavioral defenses against these cybercriminals. We believe that with the right security tools in place and proper mindset, educational institutions can focus better on how they impart knowledge to their students during this unique situation,” adds Yeo.
A solution that can help small and medium educational institutions is Kaspersky EDR Optimum. This newly launched tool enables organizations to implement the basic endpoint detection and response (EDR) scenarios, provides infrastructure visibility as well as incident investigation and response capabilities against basic to complex threats.
Understanding that schools and colleges may have a limited budget and workforce for IT security, this automated solution is easy to use, does not require a high level of user expertise, and requires much less attention and routine maintenance than you might expect from an EDR-class security solution.
Currently, Kaspersky is offering discounts for educational institutions in SEA for Kaspersky EDR Optimum on 10-999 nodes until December 2020.
- 1 year Base, Crossgrade: 30% Discount
- 3 year Base, Crossgrade: 50% Discount
- Add-On option for 1 & 3 year: 50% Discount
Interested schools and colleges can find out more about the promo by visiting https://kas.pr/56ne.
In addition, Kaspersky suggests the following steps on how educators can improve their security online:
1. Learn about the tools you are using – Know their capabilities and features as well as you can, by reading through the instructions, learning the interface, and searching on the Internet for configuration guides. Ensure that you follow the rules set by your institution as well.
2. Limit your tools – The IT tools you select to conduct classes should be convenient for both teachers and students. More tools do not necessarily mean a better experience. Before starting classes, make sure you have sufficient tools for the job and that all participants in the educational process are comfortable using them.
3. Set a unique password for each service – For every account, you need one unique password. Of course, all of your passwords should be strong — long enough and not too obvious.
4. Guard your educational accounts – Pay careful attention to the accounts you use for educational purposes. You should have no problems accessing them at any moment, and no one else should be able to log in to them.
5. Understand how to recognize phishing e-mails – It is important to know how to distinguish phishing attempts from official mailings and the messages legitimate services might send. Phishing sites often contain errors, misaligned layouts, and broken links, but sometimes scammers manage to create phishing pages that are indistinguishable from the real thing.
6. Protect devices – You need reliable protection on every device you use to access educational resources. If a student’s school computer is crawled by ransomware, for example, restoring the computer and files can waste a lot of valuable time.
And if a teacher’s computer becomes compromised, things can get even more interesting. Some malware may try to spread to students’ devices. That is why you need reliable protection on all computers, smartphones, and tablets.
To find out more about Kaspersky’s latest report on the risks against the education sector here.