Distributed Denial of Service (DDoS) attacks seek to knock websites or online services offline by overwhelming them with enormous quantities of fake traffic. Such attacks have been taking place for the past couple of decades. However, over the last year, as the COVID-19 pandemic meant people than ever were more reliant on the internet for everything from shopping to remote learning, the number of attacks have increased. That’s bad news for those lacking the necessary protection in the form of safeguards like Web Application Firewalls (WAF), on which we will elaborate below.
Not only are attacks larger in size and more frequent than ever, but they are also attacking new sectors with unprecedented ferocity. One of these is the education sector. DDoS attacks aimed at education aren’t entirely new. In fact, the first recorded DDoS attack in history, which took place in July 1999, was used to attack a computer system at the University of Minnesota in the United States. But for much of the time following this, DDoS has been used to attack businesses, rather than schools. That’s changing now.
According to some reports, the number of attacks per organization taking place in the academic sector far outpaces the average across all sectors in the United States. Similar trends are seen elsewhere in markets like Europe and Asia. Of these attacks, DDoS attacks account for the majority.
Relying on online learning tools
What was different in 2020 was the newfound importance of remote learning tools. With COVID-19 causing lockdowns throughout the world, millions of learners were unable to attend regular school and college, and instead had to carry out their learning from home. Schools and colleges — which may previously have relied on limited, aging infrastructure for computer systems related to remote learning — suddenly found themselves reliant on them in a way they hadn’t before.
These tools are required for providing both staff and pupils access to crucial teaching materials. A cyberattack that’s able to render them inaccessible for anything from hours to, potentially, days or weeks can prove disastrous. For would-be attackers, this combination of education institutions’ new reliance on these tools, and inexperience deploying them on a large scale, represents a massive disruption opportunity.
Aside from schools and colleges themselves, DDoS attacks targeting the education system could also be waged against popular platforms like Zoom, Google Classroom, Coursera, Blackboard, and others.
New forms of attack
One notable cyberattack disrupted the initial week of the new school year for students at Miami-Dade County Public Schools in the US. The DDoS attacks overloaded school networks with traffic, stopping faculty and students logging into the My School Online platform, a platform that allows teachers to set homework, disseminate learning materials, carry out quizzes, and more. The DDoS attack stopped up to 17,000 users from gaining access to the platform for remote learning purposes. Ultimately, authorities in Miami arrested a 16-year-old student from South Miami Senior High School.
The ability to launch such cyberattacks is getting more and more widespread all the time. A large part of this is the availability of DIY DDoS attacks, or the ability to cheaply and easily hire a “botnet” for just a few dollars. This has lowered the barrier to entry for DDoS, and means that it’s now possible for anyone who wants to to wage a DDoS attack on a target.
While most of the DDoS attacks reported so far in this sector have seemingly been focused on causing disruption, many of the alternative educational cyberattacks have involved ransomware malware. These have blocked users from being able to gain access to the crucial files and systems they need — unless they are willing to pay a ransom, typically paid in Bitcoin. In more recent years, there has been a big uptick in the number of threatened DDoS attacks in which attackers will try and extort money by promising to bring down a website or online service unless they are paid a ransom. This, too, is something that schools, colleges, and other educational institutions must now be wary of.
Fighting back against DDoS attacks
Fortunately, potential victims are no longer helpless in these scenarios. Cybersecurity experts are now able to offer the defenses whereby organizations can protect themselves against DDoS. Some of the most effective DDoS countermeasures work by using a Web Application Firewall (WAF) to proactively and intelligently monitor all incoming traffic requests, and block any that appear to be suspicious. They can do this while continuing to allow through legitimate traffic, thereby allowing systems to continue working as they should — even while cyberattackers are attempting to wage a DDoS assault on a target. Cybersecurity experts can additionally provide the tools to help absorb multi-gigabyte DDoS attacks.
DDoS attacks can — and do — have devastating consequences. Any service outage, whether it’s a games platform, code repository, or online store, is going to have negative impacts. However, few types of wilful disruption on the part of hackers are more wilfully malicious than disrupting the ability of learners to, well, learn. Although physical classrooms will return after the current coronavirus pandemic, it seems that some form of “blended learning” — combining both in-person teaching and online education — will continue for the foreseeable future. In other words, such attacks aren’t likely to go away. People must adapt to be able to deal with them.
Learning to best defend against such attacks is a valuable education in itself.