Cybercriminals most target educational institutions, report finds


Cybercriminals targeted educational institutions around the world the most in the third quarter, according to a recent report.

The report, titled Quarterly Report: Incident Response Trends Q3 2022 by Cisco Talos, reveals an equal number of ransomware and pre-ransomware engagements, accounting for nearly 40% of threats in Q3.

This is a change from previous trends, as for the first time since the fourth quarter of 2021, the telecommunications sector was not the most targeted vertical sector. “Although the reason why the education sector is more frequently targeted this quarter is unknown, it is a popular time of year for adversaries to target educational institutions, as students and teachers are returned to school,” the report said. The financial services, government and energy sectors were respectively the other sectors most targeted by cybercriminals, according to the report.

The quarter was also characterized by the rise of a new ransomware family called Black Basta, which first appeared in April 2022. The third quarter was also characterized by high profile ransomware variants already seen such as Hive and ViceSociety.

Common threats present in previous quarters, including phishing and Business Email Compromise (BEC), attempts to exploit weaknesses or vulnerabilities in public-facing applications, and insider threats, also continue to dominate the security sphere. cybersecurity, according to the report.

Within enterprises, the lack of multi-factor authentication (MFA) remains one of the top barriers to enterprise security, according to the report. Nearly 18% of engagements did not have MFA authentication or only had it enabled on a handful of critical accounts and services, allowing the attacker to log in and authenticate.

Fady Younes, Director of Cybersecurity, EMEA and MEA Service Providers, Cisco, said, “Today, more than ever, in an increasingly connected and digital age, cybersecurity is of the utmost importance. As businesses and governments across the region seek to protect their data and operations, Cisco continues to support our customers, helping to quickly detect and protect against cyber risks.

He added: “Security is a data set. The more information we have about the threat landscape, the better our telemetry, the higher the likelihood of being able to prevent security incidents. When a breach occurs, our capabilities can detect, respond to, and remediate threats as quickly as possible. »

Copyright © 2022 Khaleej Times. All rights reserved. Provided by SyndiGate Media Inc. (


Comments are closed.