Online education platform threats and mitigations
The rapid shift to online learning brought about by the pandemic is all but guaranteed to increase the threats they are facing and incidents they will experience.
Typical users of online learning platforms – students, lecturers or teachers.
Typical types
- Online training with content.
- Online training by trainers
- Large educational institutes – Going online.
A platform for educators and learners with educators creating educational videos and offering Live interactive classes. Educators typically create educational videos/content and give access to the learners.
The digitization of the education industry and the rise of LMS and eLearning platforms represent fantastic opportunities for schools, universities and students. But this also means more devices, both institutional-owned and student-owned connect to the network.
Students use an increasing number of devices – on campus, at home and on the go – connecting endpoints to both secure and unknown networks. This increases the risks of devices being infected, putting the institution’s corporate network and the student’s personal data at a greater risk of being compromised.
Use cases
- Video conferencing app based attacks
- Please refer https://playbooks.flexibleir.com/playbooks-for-video-conferencing-app-attacks/
- Data loss / theft
- Please refer https://playbooks.flexibleir.com/playbook-data-breach/
- Commodity malware attacks
- Phishing
- https://playbooks.flexibleir.com/phishing-playbook/
- Ddos
- Ransomware
- All threat scenarios of a E-commerce site
- All cloud related threats.
References
- https://www.ic3.gov/media/2020/200401.aspx
- https://securityboulevard.com/2020/07/cybersecurity-researchers-discover-5-e-learning-websites-leaking-nearly-1-million-user-records/
- https://cyware.com/news/cyberattacks-runs-rampant-in-the-education-sector-27c73a52
- https://securityaffairs.co/wordpress/103688/data-breach/educba-data-breach.html?web_view=true
- https://cyware.com/news/fears-of-cyberattacks-looming-across-the-education-sector-b83e07e2
- https://cyware.com/news/cybercriminals-target-educational-institutions-making-them-a-sweet-spot-for-ransomware-attacks-01fe0ef0
- https://www.armor.com/resources/armor-identifies-10-new-ransomware-victims-in-the-past-9-days/
- https://www.scmagazine.com/home/security-news/news-archive/coronavirus/race-to-adopt-online-learning-under-covid-19-exposes-schools-to-cyberattacks/