Malware attacks most common at school return

The return from school holidays can be a drag in a number of ways, but the most damaging is the threat of malware attacks. Often staff and students bring in a device that's been infected at home.
Jul 18, 2018

The return from school holidays can be a drag in a number of ways, but the most damaging is the threat of malware attacks. Often staff and students bring in an infected device, hop on the Wi-Fi and merrily spread the bug through the school network.

There’s been a sharp increase in backdoor malware in Australia this year, rising by 1886% with Australian cases increasing from 7102 in Q1 to 141,046 in Q2. Data show that Riskware at 2266 detections, Adware at 1957 detections and Hijacker at 1793 detections have been some of the most common threats for students this quarter in Australia.

In the past 12 months Malwarebytes detected and cleaned more than 62,000 pieces of Malware from schools in Australia. Many of the detections are from often-overlooked types of Malware such as Adware, which slow down computers and take up screen space.

Jim Cook, Regional Director, Australia and New Zealand, Malwarebytes says, “Cybercriminals actively target sites where students commonly browse, and they are often legitimate sites. A common way to infect one of these sites is through the ads, which get served up from a different, less secure source, an occurrence which is reflected by this quarter’s data.

“As the cyber threat landscape evolves, there is a need for schools to understand cybercriminals’ tactics, and ensure their security is capable of keeping their staff and students protected.”

Top tips for schools to consider when protecting themselves and their students from malware attacks include:

  • Invest in an endpoint security solution that uses multiple layers to protect staff and students whether they are working within a secure environment or not. Protection of PC, Mac, iOS and Android devices is critical.
  • Monitor and categorise all IoT devices on the campus. Flagging new or unknown devices can help restrict the many threats that may occur in an educational environment, and consistent vigilance from a centralised system will help to identify and remedy risks as they occur anywhere on the network.
  • Segregate your network so that staff devices, student devices and unmanaged IoT devices are on separate VLANs. That way, if an infection does occur, it won’t spread as far or as fast.
  • Automate remediation to free up IT time, and offer proactive education to students and staff who use IoT-connected BYODs on campus.
  • Always back up your important information.

The Q2 CTNT Report findings

  • Australia and New Zealand follow global trend of cryptomining cases decreasing from Q1
  • Globally, the number of cryptomining cases decreased by more than 4.8 million cases
  • Australia saw a decrease of 3.8% from 147,721 detections in Q1, to 142,107 in Q2
  • Sharp increase in backdoor malware in Australia, rising by 1886%
  • Australian cases increased from 7,102 in Q1 to 141,046 in Q2
  • The number of adware detections has increased in both markets, reflecting a global increase of 19% over the last quarter: a 31% increase in Australia, from 237,564 to 311,401 cases, and a 33.4% increase in New Zealand, from 39,035 to 52,091 cases
  • Detections of Potentially Unwanted Programs (PUPs), such as spyware and dialers, and Potentially Unwanted Modifications (PUMs) have also increased. Between Q1 and Q2, PUPs rose from 2.6 to 2.7 million in ANZ (increase of 3.9%), while PUMs jumped from 125,723 to 176,755 cases (increase of 40%).