Education Accounts for 7.3% of Cybersecurity Incidents Across Industries in 2022, Up from 2.8% in 2021

  • By Kate Lucariello
  • 03/01/23

IBM Security, releasing its annual X-Force Threat Intelligence Index for 2023, noted that education, sixth on the list of 10 industries analyzed, jumped from 2.8% of all incidents in 2021 to 7.3% in 2022. The company noted it changed how it examined some of its data to give a more insightful and helpful picture of cybersecurity threats. Key threat highlights in the report include backdoor activity, extortion, phishing, and hacktivism/malware.

Across industries in 2022, extortion attacks accounted for 27% of incidents, deployment of backdoor access 21%, and ransomware attacks 17%. Although there was a 52% drop in phishing seeking credit card data, overall 41% of initial access incidents involved phishing, IBM said, with 62% of those using spear fishing attachment tactics.

In education alone, IBM Security X-Force responded to the following attacks:

  • Exploitation of public-facing applications on initial access (42% of incidents);
  • Spear fishing attachments (25%);
  • Data theft, extortion, and reconnaissance impacts (25% each);
  • Backdoor attacks (20%);
  • Ransomware, adware, and spam (13% each); and
  • Phishing (through service, link, and valid cloud and local account abuse) (8% each).

The company noted that the highest number of attacks were directed at Asia-Pacific areas (67%), followed by North America (27%) and Latin America (6%).

IBM Security gave several recommendations: Manage critical data assets to reduce exposure to attack; include source code, credentials, and other data that could already be out on the web in asset management programs; immediately act on threat intelligence; be prepared for attacks with flexible incident response plans; and have a reputable and competent IR vendor on retainer to help plan, test, and enact incident responses.

"Attacks are inevitable; failure doesn't have to be," the report concluded. "Organizations should develop incident response plans customized for their environment."

To read keynotes of the report, watch video discussions of specific insights, and register to download the report, visit the Threat Intelligence Index 2023 page.

IBM Security X-Force is a team of hackers, responders, researchers, and analysts who provide cybersecurity services. To learn more, visit the X-Force page.

About the Author

Kate Lucariello is a former newspaper editor, EAST Lab high school teacher and college English teacher.

Featured

  • geometric pattern features abstract icons of a dollar sign, graduation cap, and document

    Maricopa Community Colleges Adopts Platform to Combat Student Application Fraud

    In an effort to secure its admissions and financial processes, Maricopa Community Colleges has partnered with A.M. Simpkins and Associates (AMSA) to implement the company's S.A.F.E (Student Application Fraudulent Examination) across the district's 10 institutions.

  • stylized figures, resumes, a graduation cap, and a laptop interconnected with geometric shapes

    OpenAI to Launch AI-Powered Jobs Platform

    OpenAI announced it will launch an AI-powered hiring platform by mid-2026, directly competing with LinkedIn and Indeed in the professional networking and recruitment space. The company announced the initiative alongside an expanded certification program designed to verify AI skills for job seekers.

  • Abstract AI circuit board pattern

    New Nonprofit to Work Toward Safer, Truthful AI

    Turing Award-winning AI researcher Yoshua Bengio has launched LawZero, a new nonprofit aimed at developing AI systems that prioritize safety and truthfulness over autonomy.

  • hooded figure types on a laptop, with abstract manifesto-like posters taped to the wall behind them

    Hacktivism Is a Growing Threat to Higher Education

    In recent years, colleges and universities have faced an evolving array of cybersecurity challenges. But one threat is showing signs of becoming both more frequent and more politically charged: hacktivism.