DDoS attacks on educational institutions increased sharply at the start of the academic year, reports the IT security product company Kaspersky Lab in its DDoS report on the third quarter of 2018. This year, the most prominent attacks hit the websites of the University of Edinburgh; and the US vendor Infinite Campus, which supports the parent portal for numerous city public schools.
The majority of these DDoS attacks were carried out during term time and subsided during the holidays. More or less the same result was obtained by the British UK education body Jisc. After collecting data about a series of attacks on universities, Kaspersky determined that the number of attacks fell when students were on holiday. The number of attacks also decreases outside of study hours, with DDoS interference in university resources mainly occurring between 9am and 4pm. All this suggests that responsibility for the attacks lies with students.
Overall, between July and September, DDoS botnets attacked targets in 82 countries. China was once again first in terms of the number of attacks. The US returned to second after losing its place in the top three to Hong Kong in the previous quarter. However, third place has now been occupied by Australia – the first time it’s reached such reports began. There have also been changes in the top ten countries with the highest number of active botnet C&C servers. As in the previous quarter, the US remained in first place, but Russia moved up to second, while Greece came third.
David Emm, pictured, Principal Security Researcher at Kaspersky Lab says: “A cybercriminal’s main goal is financial gain, whether directly or indirectly. However, not all cybercriminal activity is driven by money. It’s likely that DDoS attacks on universities, schools and testing centres could have been carried out by disgruntled young people to annoy teachers, institutions or other students, or maybe just to postpone a test. Attacks like this can often be carried out without the use of botnets, which are only available to professional cybercriminals. The latter are more concerned with mining and conducting only well-paid attacks. The skills shown by students would be commendable and somewhat impressive if they were used for good rather than attacking organisations that have to defend themselves against such attacks.”
