INTERNET connection and digital device access were not the only problems plaguing students when they transitioned to virtual learning last year.
They, along with their education institutions, became popular targets of ransomware attacks.
The Covid-19 pandemic, noted Asia Pacific University of Technology & Innovation deputy vice-chancellor and chief innovation officer Prof Dr Vinesh Thiruchelvam, has affected the education sector at all levels.
He said in order for lessons to go on as lecture halls shut their doors to students, systems such as cloud-based software, video conferencing tools, and e-learning activities became the new norm.
“However, this rapid shift to complete reliance on technology also meant that the cyber-attacks surface has expanded with an increasing number of higher education institutions in Malaysia made vulnerable,” he told StarEdu.
Prof Vinesh said the fastest growing method of cyber attacks worldwide was ransomware.
In the United States alone, over 500 types of breaches affected over 13 million data records – the SolarWinds breach being the most common.
“With all the data stored and added to a university’s registration office, it’s not surprising that hackers enjoy targeting their data-rich vaults,” he added.
He said the actual motive behind ransomware attacks is almost always related to financial gains.
“All the cyber attacker needs to do post-launch is to wait for any careless employee within the organisation to download, click and execute the malware, then ‘boom’!
“Large corporations are willing to pay the ransom to secure their reputation or image, particularly when they do not have an efficient business continuity plan or a disaster recovery plan in place,” he said, adding that what is more amazing is that even those with no programming or coding skills can deploy cybersecurity attacks, due in part to the easily acquired ransomware attack kits available on the dark web.
According to Microsoft, education is the sector most affected by cyber threats (see infographics).
Microsoft Malaysia national technology officer Dr Dzahar Mansor said education institutions are typically less prepared for ransomware attacks for a variety of reasons, including budget, lack of capabilities and others, making them easy targets for cyber attackers.
“Cyber criminals are certainly aware of this and are further incentivised by the increasingly lower costs and risks to execute these ransomware attacks,” he added.
According to CyberSecurity Malaysia chief executive officer Datuk Dr Amirudin Abdul Wahab, ransomware was first detected in Malaysia in 2017 when the WannaCry attack happened across the globe.He said Malaysia has seen a slight increase in ransomware attacks from 65 last year to 69 in 2021.