In our regular Breaking Scams section, a while back, we wrote about a scam that was based on free downloads. That scam was focused on popular TV shows, like Game of Thrones. The scam used the name of favourite TV shows to disguise malware files.
The malware, typically a Trojan, sat in wait to be downloaded by an unsuspecting TV show fan. A person wanting to view the show for free would go to a pirate TV site and download the infected file, thinking it was the TV show. Next stop, an infected computer and loss of valuable data, including banking login credentials, etc.
Now, security vendor Kaspersky has found this sneaky technique being used on our student population too.
The Education Sector and Cybercrime
As education becomes digitised, and student and staff data are drawn into that digitisation, cybercriminals are increasingly attracted to the sector. A quick look at how cybercriminals have been targeting the education sector recently shows this is a trend to watch. Here are some of the cybercrime attacks hitting our education sector in the last two years:
Cryptomining: Malware used to turn a device into a bot that mines cryptocurrency on behalf of a cybercriminal. A Cisco report found that 22% of cryptomining attacks targeted the university sector and 4% the K-12 (6th form) sector.
Malware infection: An Ecclesiastical survey found that 20% of British schools and colleges have been victims of a cyber-attack. Of that figure, 71% ended up with a malware infection.
Ransomware: Security vendor, Malwarebytes, found that in 2018-2019, education was the main recipient of the malware infection type, ransomware. Ransomware encrypts files and documents across a network and out to cloud repositories, then demands a ransom to decrypt them. Ransoms can run into thousands of pounds.
– Watch our free taster sketch “Phishing Emails in Real life” from our hilarious Sketches security awareness training series
The Malware Infected Student
Going back to Kaspersky and the infected freebie files mentioned in our introduction, we have to wonder why students are being targeted? Students are not the wealthiest of the population. But they are accessible. It is this mix of living online and being poor that is making them a victim of this type of cybercrime. Students, rightly or wrongly, will seek out free textbooks and other educational material. It saves money, and likely feels like a victimless crime. However, it is a double-edged sword. Kaspersky analysed free access files with “school- and student-related filenames”. Of the 356,000 times that Kaspersky spotted a cyber-attack against an educational sector user, 233,000 of those were malicious essays, a further 122,000 were disguised as textbooks.
The top three infected textbook types were:
- English
- Mathematics
- Literature
Natural sciences and foreign language course textbooks were also infected with malware. IN a nutshell, no free textbooks or files can be trusted to be malware-free.
It is also worth noting that many of these free textbooks are found on the darknet. This adds another dimension of danger to the student sourcing such free books.
Types of Malware Used to Target the Students
The types of malware disguised as textbooks, include cryptomining malware, Adware, and downloaders – which may seem innocuous but are a gateway to more malicious programs.
Crypto-mining malware is an insidious type of malicious program, especially from a student’s perspective. Because the malware needs to use an infected machine in a highly intensive manner – to mine cryptocurrency – it uses a lot of energy. The poverty-stricken student, loaned up to the eyeballs, may end up with an unusually large electricity bill as they continually charge their laptop up; or worse, their parents will foot the bill.
How to Protect Students from Malware Infections?
The malware infections carried via free textbooks or other education file downloads are a hard one to fix using technological solutions. It is highly tempting when you are strapped for cash to choose a freebie. However, the cost of doing so results in much higher costs when a machine becomes infected by malware. Within the context of education, containing malware infections is complicated by an extended and decoupled user base. It can be hard to reach users outside of the organizational jurisdiction. Some areas to consider that can help to reduce the threat of infection are:
- Talk to your Board of Trustees. Malware infection because of free textbook access can come under the general responsibility of Academic and Student Affairs. Make the board aware of the scope and impact of the situation around free textbooks and file access.
- Provide security awareness training across the entire organization including the student body. The use of remote, scenario-based educational programs in security awareness, is ideal for students.
- Provide continued up to date advice to students on the use of free textbooks and other digital freebies. Include the dangers of using the darknet and what lurks therein. Of course, this may also entice certain students to go onto the darknet, so this needs to be done in a cautious and informed way.
- Provide advice on or offer anti-malware tools to students.
Students work hard to get to university. They have to take out loans over many years to continue their studies. Having an expensive and possibly irreplaceable laptop taken over by malware might be the last straw for some. This continued threat to the education sector needs to be addressed. Having a security aware student and staff body can make real inroads in preventing a malware takeover of our educational sector.
Want to help secure your organisation? Sign up for a free demo and find out how we’re already helping organisations just like yours.
Subscribe to the Proofpoint Blog