Cybercriminals targeting educational institutions the most, report says

The third quarter was also characterised by the rise of a new ransomware family called Black Basta



Apart from  educational institutions, financial services, government, and energy sectors respectively formed the other top targeted sectors by cybercriminals, the report showed. - file photo
Apart from educational institutions, financial services, government, and energy sectors respectively formed the other top targeted sectors by cybercriminals, the report showed. - file photo
by

Somshankar Bandyopadhyay

Published: Tue 22 Nov 2022, 7:01 PM

Cyber criminals targeted educational institutions around the world the most in the third quarter, according to a recent report.

The report, entitled Quarterly Report: Incident Response Trends in Q3 2022 by Cisco Talos, reveals an equal number of ransomware and pre-ransomware engagements, making up nearly 40 per cent of threats in Q3.

This is a shift from previous trends, as for the first time since the fourth quarter of 2021, the telecommunications sector was not the top-targeted vertical. “While the reason for the education sector being more frequently targeted this quarter is unknown, this is a popular time of year for adversaries to target education institutions as students and teachers have returned to school,” the report said. Financial services, government, and energy sectors respectively formed the other top targeted sectors by cybercriminals, the report showed.

The quarter was also characterised by the rise of a new ransomware family called Black Basta that first emerged in April 2022. Q3 was also characterized by previously seen high-profile ransomware variants such as Hive and ViceSociety.

The common threats present in previous quarters, including phishing and Business Email Compromise (BEC), attempts to exploit weaknesses or vulnerabilities in public-facing applications, and insider threats, also continue to dominate the cybersecurity sphere, the report said.

Within enterprises, the lack of Multi-Factor Authentication (MFA) remains one of the biggest obstacles to corporate security, according to the report. Nearly 18 per cent of engagements either had no MFA or only had it enabled on a handful of accounts and critical services, allowing the cybercriminal to log in and authenticate.

Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco, said: “Today, more than ever, in an increasingly connected and digital age, cybersecurity is of the utmost importance. As enterprises and governments across the region seek to safeguard their data and businesses, Cisco continues to support our customers, helping drive rapid detection and protection against cyber risks.”

Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco. - Supplied photo
Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco. - Supplied photo

He added: “Security is a game of data. The more insights we have into the threat landscape, the better our telemetry is, the higher the likelihood of being able to prevent security incidents. When a breach occurs, our capabilities can detect, respond and remediate threats as fast as possible.”


More news from Business