Education Today Logo


Education Today Cover Browse Issue

Education institutions see most Trojan attacks

News Image

Education was the top industry globally impacted by Trojans in 2018, and cybersecurity company Malwarebytes Labs has identified this trend will continue to accelerate in 2019.

Trojans represented almost 30% of all detections on institution-owned devices. Among devices plugging into the network, Trojans represent the single largest threat category, even above generic Malware and Adware detections. Trojans use deception and social engineering to trick unsuspecting users into running seemingly benign computer programs that hide malicious ulterior motives.

Amongst Australian education organisations, 21% of compromised non-institution-owned devices carried Trojans, much higher than other western countries such as Singapore (17%), or the UK (5%).

In this first half of 2019, Emotet, Trickbot and Trace have been particularly active in the education space globally, with the three representing nearly half of all Trojans detected (44%) and more than 11% of all compromises

According to Malwarebytes, school and university networks often lack strong protection due to limited budgets and resources. As a consequence, connected devices remain a favoured point of entry for hackers, whether on institution-owned or BYOD devices, compromising systems and sensitive data.

In 2018, education was the top industry for Adware compromises, Trojan detections, and second on the list of verticals most commonly hit with ransomware.  This trend continued in the first half of 2019 and is likely to continue to remain a threat for educational institutions in years to come.

Australia a prime target
In Q3 this year, Malwarebytes detected more activity across the Australian education domain ( than the rest of the world’s education domains. In particular, August saw a growth of malware detections which could indicate the beginning of another surge into Spring.

Connected devices in hackers’ line of fire
Globally, in the first half of 2019, Trojans, Adware and Backdoors were the three largest categories of threats identified among education institutions:

  • Adware (43%) – Adware is unwanted software designed to throw advertisements up on screens, most often within a web browser. Typically, it uses an underhanded method to either disguise itself as legitimate, or piggyback on another program to trick the user into installing it on their PC, tablet, or mobile device.
  • Trojans (25%) – Trojans are often seen as a ‘virus’ or a ‘worm’, but they’re neither. Trojans use deception and social engineering to trick unsuspecting users into running seemingly benign computer programs that hide malicious ulterior motives.
  • Backdoors (3%) – Unlike other cyberthreats that make themselves known to the user (i.e. ransomware), Backdoors are known for being discreet. They exist for a select group of people in the know to gain easy access to a system or application, and they are on the rise.

Malwarebytes Labs also detected that globally the .edu domain email addresses was increasingly being used on a wide array of other networks, increasing the risk of infection and harm to both the device and the institution’s network when the device is brought back on campus.

According to Jeff Hurmuses, Area VP and MD, Asia Pacific, “The digitisation of the Australian education industry, and the rise of LMS and eLearning platforms represent fantastic opportunities for schools, universities and students. But this also means more devices, both institutional-owned and student-owned connect to the network.”

“Students use an increasing number of devices – on campus, at home and on the go – connecting endpoints to both secure and unknown networks. This increases the risks of devices being infected, putting the institution’s corporate network and the student’s personal data at a greater risk of being compromised”.

In fact, Malwarebytes found that devices plugged into the school networks (vs. school-owned devices) represented 1 in 3 compromises detected in H1 2019.

According to Malwarebytes Labs, schools and universities across Australia need to brace themselves for a continuing onslaught of cyberattacks.

“Cybercriminals are opportunistic: the more devices connected to an education institution’s network, the more data that is generated and therefore the more tempting the attack”, explains Hurmuses.

“The Australian education sector often puts cybersecurity as a secondary item on their list of priorities, mostly due to limited budgets, lack of internal cybersecurity skills and outdated infrastructure. However, institutions need to understand that protecting endpoints is of utmost importance. It is paramount to prioritise investments in appropriate device protection solutions, and collaborate with students and their parents to raise awareness about basic endpoint cybersecurity hygiene.”

Image by Jonathan Lin flicr cc Attribution License

19 Nov 2019 | National
A better future through food News Image

When you think about it, most of what we do as people centres on food, it’s essential for life and how it is produced and consumed has huge implications for our future. Read More

14 Nov 2019 | National
Still great to be a teacher when it comes to jobs News Image

Again, you will be glad that you completed that teaching degree as once again one of the areas with the healthiest job growth has been education and training.
Read More

13 Nov 2019 | International
‘Brave’ new word for children in 2019 News Image

Uncertainty is plaguing the planet and that is reflected by Oxford University Press Australia & New Zealand selection of the 2019 Children’s Word of the Year: Bravery. Read More

13 Nov 2019 | National
Future proofing our response to depression in the young News Image

The Black Dog Institute is recruiting for its study Future Proofing, which is Australia’s largest-ever clinical trial into the effectiveness of mental health apps for preventing anxiety and depression in adolescents. Read More

13 Nov 2019 | National
Why we need more male teachers News Image

There are a lot of kids who are a bit light on males in their lives, the reasons are many and in a teaching environment introducing more males could be a good thing. Read More