- The education sector is revealed as the third-most targeted industry globally, with an average of 2,507 cyberattack attempts per week
- The phenomenon is mirrored in Hong Kong, prompting heightened cybersecurity awareness amongst Higher Education and K-12 institutions to safeguard their digital infrastructure and data privacy
- Microsoft encourages the education sector to mitigate risks through vigilance, protection, education, and training
November 7, 2024, Hong Kong – Microsoft’s latest Cyber Signals Report revealed that the education sector is the third-most targeted industry globally. This phenomenon is mirrored in Hong Kong, where a recent study identified the education sector as the most targeted industry for cyberattacks this year. Given the vast amount of sensitive data it handles, including health records, financial data, and other regulated information, the sector must prioritize enhanced security measures.
According to Microsoft’s latest Cyber Signals Report, the risk of cyberattacks is becoming more prevalent in the education sector:
- Institutions face an average of 2,507 cyberattack attempts per week globally, with universities being prime targets for malware, phishing, and IoT threats.
- Over the past year, Microsoft Defender for Office 365 blocked more than 15,000 emails per day targeting the education sector with malicious QR codes.
- The increasing AI adoption in higher education has added new layers of complexity in cyberattacks, as attackers exploit vulnerabilities in AI-enabled systems.
Proactively safeguarding sensitive research data in the Higher Education sector beyond traditional campus boundaries
Globally recognized for their pioneering academic innovation and research endeavors, local higher education institutions are proactively embracing AI and technologies in teaching and learning. However, as they advance their research collaborations with external partners, the exchange of information potentially expands the attack surface, necessitating the need for a robust security strategy.
“Additionally, students’ ‘bring your own device’ (BYOD) practice and access to public Wi-Fi hotspots have posed security challenges that transcend traditional campus boundaries.” said Fred Sheu, National Technology Officer, Microsoft Hong Kong. “To support Hong Kong’s ambition as an advancing innovation hub, Microsoft Hong Kong closely collaborates with the education institutions to safeguard the teaching and learning environments within and beyond campus.”
Microsoft Hong Kong remains resolute in assisting the sector to protect its community and assets through a secure AI platform, bolstering protocols against evolving threats for data protection and secure information sharing. With clear and sufficient AI practices and security guidelines, the education sector can strengthen their digital infrastructure and operational resilience to fend off different types of system disruptions.
Increasing awareness of the latest cyber threats and security hygiene is crucial in K-12
In fact, K-12 organizations are not exempted from ill-intentioned criminals. Unfortunately, they often lack the necessary resources and awareness to combat such threats effectively. Therefore, Microsoft Hong Kong has partnered with Hong Kong Association of Computer Education (HKACE) to empower 2,800 teachers and staff from 32 local schools to bolster their defenses with Microsoft 365 A3.
“The collaboration aims to provide schools with enterprise-grade collaboration tools to safeguard their sensitive information. Educating students, teachers and staff on cybersecurity best practices is a crucial step in the face of rampant ransomware and phishing attacks. By increasing cybersecurity awareness, providing essential training, and leveraging partnerships to deliver educational resources, schools can better protect themselves against malicious threats,” said Principal Kam Wai Ming, Honorary Chairman, HKACE.
Microsoft urges the sector to combat threats with vigilance, protection and authentication tools, as well as enhanced training
Microsoft remains committed to providing a trustworthy platform for educators and students to excel their full potential. To better protect and secure data, we encourage institutions, staffs, teachers, and students to follow these recommendations:
- The best defense against QR code attacks is to increase vigilance. Pause, inspect the code’s URL before opening it, and don’t open QR codes from unexpected sources, especially if the message uses urgent language or contains errors.
- Consider implementing “protective domain name service”, a tool that helps prevent ransomware and other cyberattacks by blocking computer systems from connecting to harmful websites. Prevent password spray attacks with a stringent password and deploy multifactor authentication.
- Educate students and staff about their security hygiene and encourage them to use multifactor authentication or passwordless protections. Studies have shown that an account is more than 99.9% less likely to be compromised when using multifactor authentication.
- Microsoft has launched role-based trainings for leaders, educators, students, parents, and IT professionals aligned to recommendations of the United States Cybersecurity and Infrastructure Security Agency.
###
About Microsoft
Microsoft (Nasdaq “MSFT” @microsoft) creates platforms and tools powered by AI to deliver innovative solutions that meet the evolving needs of our customers. The technology company is committed to making AI available broadly and doing so responsibly, with a mission to empower every person and every organization on the planet to achieve more.