Protecting education networks from DDoS attacks

Schools and colleges are becoming popular victims of cyberthreats

by Dennis Pierce

Education networks are becoming increasingly popular targets for Distributed Denial of Service (DDoS) attacks.

For this reason, technology leaders in K-12 and higher education should consider investing in a solution that protects their networks from these crippling assaults.

A DDoS attack occurs when a hacker takes control of thousands of computers and aims them at a single server, overwhelming the network with traffic and ultimately knocking it offline. These attacks can be very disruptive to teaching, learning, communication, and other day-to-day operations at schools and colleges.

Because DDoS attacks are fairly easy to execute, the list of schools and colleges that have become victims of these attacks is growing rapidly. Consider the following three examples:

1. Minnesota Department of Education: In 2015, the Minnesota Department of Education twice had to suspend its state testing when a DDoS attack created problems for students logging into the online assessment system.

2. Saint Charles Community Unit School District 303: This school district in Illinois was affected by a series of DDoS attacks over a period of six weeks, preventing students and staff from accessing any internet-related services or information.

3. Rutgers, Arizona State, University of Georgia: All have been the victims of DDoS attacks. After four such attacks during the 2014-15 school year, Rutgers spent $3 million to upgrade its network security and was forced to raise tuition by 2.3 percent. But the upgrades reportedly failed to protect the university from yet another attack in fall 2015.

“One reason we’re seeing a rise in DDoS attacks against education networks is because more and more students are aware of how to do this,” says Samantha Thibault, Director of Application Solutions for AT&T. “In my generation, students would pull the fire alarm if they wanted to get out of a test or a class.”

Today, a significant number of students are attacking their own schools for the same purpose.

“It’s a pretty simple thing to do,” she said. “You can go on the dark web and find instructions on how to do this.”

Additional concerns

DDoS attacks aren’t merely a nuisance; they can also be used to hide other nefarious activities.

A hacker “could be using an attack to hide the fact that they’re trying to get a virus on the network, for example, or break into the network to access information,” Thibault says. “Schools have a lot of critical data, especially in higher education. Their research, financial, and administrative systems usually reside on the campus network.”

While there are premise-based solutions that can shut down a network in the event of an attack, the best option is to implement a cloud-based solution that can intercept the barrage of traffic attacking the network before it even reaches its intended server.

“That way, schools never get affected by the attack,” Thibault said. “The additional traffic gets diverted to the side, where ideally it gets analyzed to figure out who’s doing the attacking.”

DDoS Defense from AT&T is one such solution. It detects the presence of an attack in near real-time and diverts offending traffic to scrubbing facilities, while allowing the flow of legitimate communication.

“We have analytics running in the cloud,” Thibault says, “and as soon as we see the signatures of an attack, we shuttle that traffic off and scrub it, then send the clean traffic on to help keep the school’s network safe and operational. Additionally, we can analyze that traffic should the customer want.”