Research: Compromised On-Premises Accounts Blamed in 75% of Attacks Targeting Education

  • By Kristal Kuykendall
  • 09/28/23

In three of four cyberattacks targeting education institutions over the last 12 months, IT and security practitioners surveyed by cybersecurity vendor Netwrix cited compromised on-premises user or admin accounts as the attack pathway, according to a new report.

The 2023 Hybrid Security Trends – Education Findings report details findings from Netwrix’s survey of over 1,600 IT and security professionals, which included questions about educational institutions’ IT architecture and digital transformation progress.

Just over three-fourths of respondents said their organization uses a hybrid IT architecture, with 5% fully operating in the cloud. Of the remaining 18% education organizations whose IT systems are housed strictly on-premises, 68% said they plan to adopt cloud technologies moving forward, according to the report.

According to the report, 69% of education respondents said they suffered a cyberattack within the last 12 months, with the most common attack vectors being phishing and user account compromise, Netwrix. What's more, 3 out of 4 attacks (75%) in the education sector were associated with a compromised on-premises user or admin account, compared to 48% for other sectors.

"Organizations in the education sector handle variety of accounts — staff, third-party contractors, educators, students, alumni — that have a high turnover rate. Even if identity management is automated, it is a challenge to keep users trained on security best practices because there is a continual supply of newcomers," said Dmitry Sotnikov, VP of Product Management at Netwrix. "In addition, students may lack experience in spotting phishing emails or fake websites asking for their credentials. To address these challenges, it is essential to mandate security training within the first few weeks and repeat it on a regular basis."

Netwrix urged IT managers to enforce strong password policies that prevent the use of weak and compromised passwords, require MFA, and adhere to the least-privilege principle.

Find the full survey results at Netwrix.com.

About the Author

Kristal Kuykendall is editor, 1105 Media Education Group. She can be reached at [email protected].


Featured

  • glowing digital brain made of blue circuitry hovers above multiple stylized clouds of interconnected network nodes against a dark, futuristic background

    Report: 85% of Organizations Are Using Some Form of AI

    Eighty-five percent of organizations today are leveraging some form of AI, according to the latest State of AI in the Cloud 2025 report from Wiz. While AI's role in innovation and disruption continues to expand, security vulnerabilities and governance challenges remain pressing concerns.

  • a glowing golden coin with a circuit board pattern, set against a gradient blue and white background with faint stock market graphs and metallic letters "AI" integrated into the design

    Google to Invest $1 Billion in AI Startup Anthropic

    Google is reportedly investing more than $1 billion in generative AI startup Anthropic, expanding its stake in one of Silicon Valley's leading artificial intelligence firms, according to a source familiar with the matter.

  • abstract representation of a supercomputer with glowing blue and green neon geometric shapes resembling interconnected data nodes on a dark background

    University of Florida Invests in Supercomputer Upgrade for AI, Research

    The University of Florida has announced plans to upgrade its HiPerGator supercomputer with new equipment from Nvidia. The $24 million investment will fuel the institution's leadership in AI and research, according to a news announcement.

  • Stock market graphs and candlesticks breaking apart with glass-like cracks

    Chinese Startup DeepSeek Disrupts AI Market

    A new low-cost Chinese artificial intelligence model is wreaking havoc in the technology sector, with tech stocks plummeting globally as concerns grow over the potential disruption it could cause.