Lately, the education sector has become the target of increasingly frequent and severe cyberattacks. What more can the government do to protect students, teachers, and administrators from this new onslaught of cyber threats?
The State of Cybersecurity in European Schools

For years, European schools remained relatively untouched by cybercrime. As they’ve grown more reliant on digital education tools and various technological advancements have lowered the entry barriers for cyber criminality, they’ve been increasingly targeted by threat actors.

In the U.K., schools were more likely to have experienced a cybersecurity incident in 2022 than businesses. In fact, 85% of higher education institutions, 82% of further education colleges, 63% of secondary schools and 41% of primary schools reported a cyberattack or data breach from 2022-2023 — compared to only 32% of organisations.

Recent Cybersecurity Trends in Education

As more cybercriminals have targeted European education institutions, certain trends have become apparent.

The Rise of Ransomware

In 2020, four in 10 schools suffered a ransomware attack. An additional three in 10 didn’t experience one but are expected to be hit in the future. Schools are critical infrastructure and often lack basic security controls, so ransoms are typically ridiculously high. Many have no choice but to pay, prompting more attackers to target them.

Higher Education Disproportionately Targeted

Research shows attackers have been disproportionally targeting further and higher education institutions — they receive double the number of cyberattacks and data breaches as primary schools. Experts believe it’s because they possess desirable intellectual property and are a fundamental driver for government initiatives.

State-Sponsored Cyberattacks

Nation-states and state-sponsored attackers are on the rise. When education institutions, law enforcement agencies and regulatory bodies have the means to track the attackers, they find that a large number come from foreign countries. Many have speculated it proves their intent to steal valuable proprietary data or cripple countries’ critical infrastructure.

The Rise of Teleconferencing

Teleconferencing has emerged as one of the most popular alternatives to in-person lessons. Unfortunately, it introduces cybersecurity risks — students attending classes remotely often deploy few security measures, making them prone to phishing and man-in-the-middle attacks.

4 Common Cybersecurity Threats to Schools

Public schools are typically targeted by one of these four cybersecurity threats.

  1. Data Theft
    Data interception, tampering and exfiltration are among the biggest threats educational institutions face. Considering only 13% of the world had data protection measures in place in 2023, information theft is an achievable strategy for even the most novice cybercriminals.
  2. Distributed Denial-of-Service
    Distributed denial-of-service (DDoS) attacks overwhelm systems with malicious traffic, essentially forcing them to stop working. They’re an effective attack type because schools are considered critical infrastructure — meaning extended service interruptions are unacceptable.
  3. Ransomware
    Ransomware is one of the most common cybersecurity threats to European education institutions. Primary and secondary schools spend over £1.56 million per ransom — more than double the global average of £642,600.
  4. Social Engineering
    Attackers often target students, teachers and staff directly using social engineering tactics. Phishing was responsible for 90% of all data breaches in 2022. They often impersonate administrators to ask for login credentials or send malicious links. Since many use artificial intelligence, their deceit has become difficult to spot.
Why Are Schools Being Targeted by Cyberattacks?

One of the main reasons attackers target educational institutions is because it is incredibly lucrative. In the U.K., a single data breach cost over $4.21 million on average in 2023. The more attacks they launch, the richer they become.

Another reason is data. While schools may assume they have nothing of value, the information they hold is incredibly valuable. Attackers seek students’ and staff’s dates of birth, psychiatric records, addresses and financial information. They can use it to impersonate people, sell it on the dark web or steal identities.

Unfortunately, current students aren’t the only ones impacted by cyber threats. In 2022, 14 schools in the United Kingdom suffered a cyberattack at the hands of Vice Society — a threat group that disproportionately targets education institutions. The passport scans, staff pay records and contract details they stole went back to 2011.

What Are Governments Doing to Protect Schools?

European governments have taken notice of the rise in attack frequency and have taken action.

  1. Raising Cybersecurity Awareness
    The European Agency for Cybersecurity is prioritising training campaigns for cybersecurity awareness. The Safer Internet Centres offer awareness, helplines and hotlines to provide advice and assistance. The goal is to empower students and teachers to defend themselves.
  2. Developing Cybersecurity Skills
    The European Commission is taking action to develop cybersecurity skills in higher and professional education institutions. The European Cybersecurity Competence Centre and Network is currently working on four pilot projects.

    Considering 93% of research programme funding in the U.K. comes from the government, it’s no surprise governments seem to have a vested interest in protecting the intellectual property that higher education institutions provide.
  3. Making Devices More Secure
    The Cyber Resilience Act, proposed by the European Commission in 2022, indirectly applies to education. It requires connected — meaning internet-connected or interconnected — devices to be secure. They must also have support for at least five years to protect against cyber threats.
Is There Anything Else Governments Can Do?

Although governments are already taking action, they must do more to defend European schools against increasingly frequent and severe cyber threats.

  1. Provide In-Depth Training
    While governments are creating contests, competitions and camps to help young people develop cybersecurity skills, they remain inaccessible to the majority of students — and thus won’t be as effective as they should be. Since digitalisation has become so widespread, it would be prudent to integrate training directly into the curriculum to some extent.
  2. Publish Actionable Guidance
    Since advancements in artificial intelligence, automation and digitalisation have lowered the entry barrier to cyber criminality, it would be wise for governments to publish modernised guidance on common cyber threats. Different versions for administrators, teachers and students would be ideal. In any case, they should be accessible and actionable.
  3. Provide More Funding
    Many European schools lack adequate funding to defend against or recover from cyber threats. Even those with large budgets can’t afford to spend much more on security — although the average U.K. university has a £7 million IT budget, only £560,000 goes toward cybersecurity. Governments should offer need-based grants or benchmark-based monetary rewards.
  4. Establish a Task Force
    As cyber threats become more frequent and severe, schools and local governments will be unable to keep up. Governments should proactively establish investigative task forces to address education-based cyberattacks. This way, they’ll have a better chance of identifying the cybercriminals responsible and recovering some of the financial losses.
Government Assistance Is the First Line of Defence

The guidelines, financial support and training governments provide act as the first line of defence against threat groups and state-sponsored cybercriminals. Their assistance is essential for protecting the personally identifiable information of students, teachers and administrators.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.