Life has changed for many, many people in the age of the COVID-19 coronavirus pandemic. But while much of the focus has been on workplaces adapting to the “new normal” of the pandemic, education has also shifted dramatically as students — from K-12 through university level — have had their ordinary learning routine disrupted. Across the world, more than 1.2 billion children have, at some point this year, been removed from their regularly scheduled classrooms.
With schools and universities having been shuttered for prolonged periods of time, large numbers are switching to remote learning setups consisting of Zoom calls and e-learning platforms. Even before coronavirus, edtech (education technologies) was a fast-growing market, whether in online learning software or virtual tutoring tools.
However, it’s safe to say that almost no one saw the world’s learners and teachers becoming reliant on them quite as quickly as has happened in 2020.
When bad actors attack
Unfortunately, where there is disruption, there is opportunity for bad actors. The mix of more people than ever requiring remote access to these remote tools and their importance means that they represent a ripe opportunity for unscrupulous cyberattackers.
One such attack involves DDoS (Distributed Denial of Service) attacks. These cyberattacks involve perpetrators bombarding target services or websites with large quantities of fake traffic. The goal is to overwhelm those without the proper DDoS protection and cause them to become inaccessible to legitimate traffic, much like directing large numbers of cars down a residential street would make things more difficult for those people who actually lived on the street.
In a DDoS attack, the source of the attack is usually machines that have been infected with so-called “botnet malware,” often without their rightful owners being aware of this. Such botnet attacks allow attackers to throw large amounts of traffic at victims, while also disguising the original source of the attack.
These assaults can last anywhere from a few minutes to several days. DDoS attacks are no joke — having, in the past, temporarily knocked out even heavy hitters like Netflix and Twitter for short periods of time. The increasing availability of DDoS-for-hire services has ensured the problem gets even worse by making DDoS attacks more widely accessible to bad actors for as little as a few bucks a time. The results have the potential to be disastrous.
DDoS attacks are surging
DDoS attacks have surged during 2020, with far greater numbers targeting educational establishments. In September, a 16-year-old junior at South Miami Senior High School was arrested for a series of cyberattacks targeting Miami-Dade County Public Schools. These attacks, including a DDoS attack on the first day of the new school year, disrupted the distance learning tools being used for online classes. In the U.K., a cyberattack caused “operational disruption” across the University of Newcastle, which has upward of 20,000 students. These are just two isolated examples of recent attacks capable of bringing learning to a grinding halt.
DDoS attacks can have severe ramifications for educational organizations. These can include the inability to share timely critical information, to process new admissions and administrative information, and the corrosive damage such attacks can cause to reputation. While users have sympathy for victims of cyberattacks, parents, learners, and faculty may express displeasure at vital services being inaccessible if it appears that proper precautions have not been taken. Meanwhile, taxpayers may complain that their money is being wasted on systems that are inaccessible due to attacks. Whatever the reality (the ultimate responsibility is with the attackers who launched the DDoS attack in question), the public perception could be that the fault is with those offering the service that has been knocked out of action.
Even before coronavirus, school computer systems were frequently targeted by cyberattackers. One reason for this is that they may lack the latest cybersecurity tools used by big businesses, being instead reliant on older legacy systems. Things have simply ramped up as schools and other learning institutes have leaned more heavily on digital tools to help them carry out their jobs.
Protecting online education
But the tools do exist to fight back against DDoS attacks — and, in the process, save the online learning tools that so many rely on. First and foremost, it’s crucial that education establishments practice basic, but effective, security measures, like ensuring the use of complex passwords that are changed regularly and educating staff about the risk of phishing messages that could open up cyberattacks.
With DDoS attacks becoming more common, it’s also a great idea to consider bringing the professionals on board. DDoS protection systems work by detecting and blocking potential DDoS attacks in progress. They do this by carefully filtering incoming traffic so that DDoS traffic is stopped at arrival, but legitimate traffic requests are able to proceed as usual. Good cybersecurity systems will frequently also offer high-capacity global networks that can successfully defend against massive attacks of more than 65 billion attack packets every second.
The result is that your systems will be able to quickly recognize and shrug off a DDoS attack that would otherwise prove devastating. So that the people running, using, and otherwise relying on these tools can focus on learning and teaching.