The transition to remote work and the rise of online education caused an expected growth in the number of DDoS attacks, including attacks on the resources of educational and administrative institutions. According to Kaspersky Lab, in the Q1 2020, these cases reached 19% out of the total number of incidents. In the same period of the previous year, they amounted only to 11%. At the same time, the number of attacks on educational platforms and governmental websites has increased by three times compared to 2019.
Why are DDoS attacks dangerous for educational institutions?
Electronic diaries are the thing that comes up to mind first when you think about potential threats. Tampering with marks in a class or personal diary has always sounded like an attractive idea for pupils. Some of them were unable to resist the temptation: they took an eraser and a pen of the same color and eraser the D grades put by a pencil, replaced F's with B's. This scheme is much more difficult to execute nowadays: diaries have gone online, so erasers and pens are replaced with... DDoS attacks that can easily paralyze the work of an online resource. The logic is simple: no diary means no homework, no unsatisfactory grades, and no problems.
Such an attack is rather easy to execute. Pupils often team up to prevent parents from gaining access to the "compromising material" in their online diary. The students follow the guidelines to install and launch a very simple program on their PCs, specify the web resource address, and then their PCs making DDoS attacks 24 hours a day.
When the number of participating PCs becomes way too big, the consequences may become worse than a temporary website crash. For example, there was a notorious case in the USA, when an unprepared pupil ordered a DDoS attack to a knowledge checking system. To be on the safe side, he engaged several assistants. Due to their concerted effort, the entire infrastructure of the education department went offline in the zero hour. The losses amounted to several millions of dollars, which had to be recovered... by the parents of a young genius. Of course, they were anything but pleased with it.
However, an electronic diary is only a part of the story. Sometimes, online courses and electronic testing portals become victims of attacks by students and pupils. Due to the spread of e-learning, this might become a major concern. There are also cases when a DDoS attack acts as coverage for a targeted attack on an information system aimed to steal or change personal data and other information of critical importance.
The number of DDoS attacks is the highest in summer, during vacations, because this is the time when admission offices start working. Due to a high number of processes that have already gone online (document submission, applying to universities, tracking the competition status, etc.), a DDoS attack may become a very unpleasant surprise.
How to protect yourself from DDoS attacks?
Believe it or not, but such a tool exists. Kaspersky Lab has developed a solution that prevents against DDoS attacks—Kaspersky DDoS Protection. This is a cloud-based product designed to redirect the traffic from protected resources to the Kaspersky Lab infrastructure, which filters out malicious requests.
Kaspersky DDoS Protection is an integrated software and hardware system that comprises high-performance networking equipment and trusted servers with Kaspersky Lab software installed on them. The solution is not only very effective against DDoS attacks but also ensures compliance with regulatory requirements for state information system and critical information infrastructure protection. The solution is included in the Register of Russian Software and is certified by FSTEC (Federal Service for Technical and Export Control).
The practical side of things
Customers are reluctant to tell about actual DDoS attacks, but some cases are available anyways. A very demonstrative example is the protection of the Educational Portal of the Republic of Tatarstan, edu.tatar.ru, with Kaspersky DDoS Protection.
Since 2014, the resource has been regularly threatened by DDoS attacks of various types and capacities, so its owners addressed Kaspersky Lab to solve this problem. Kaspersky experts were able to quickly find the root cause—they discovered a group in a popular social network where pupils discussed and planned DDoS attacks on an education portal, being afraid to show their "outstanding" performance to their parents.
Since that time, Kaspersky Lab provides continuous protection to the educational portal of the Republic of Tatarstan. It would be an exaggeration to say that the attacks have become more sophisticated—after all, malefactors are mostly amateurs. But the attack frequency and strength never go down, so educational resources require ongoing protection.
Education is the core business for educational institutions, and it may suffer from the actions of malefactors. That's why they need to adequately assess the potential risks, the consequences or their realization, and the vulnerabilities in the existing systems. It is necessary to simulate the worst-case scenarios because the attackers who spend their time and resources on the attack and know what they want to get and may strike when the system is the most vulnerable. Then the consequences of an attack will be the most severe.