107% Increase in UK school Internet DDos attacks by students

Since England has been in Lockdown vast amounts of children across the country have been taught lessons online. The unusual adjustment due to the pandemic shutting down schools worldwide. The digital adaption has in turn led to a student rebellion with a 107% increase in DDos attacks (distributed denial of service) which “takes out” the schools Internet. (ideally for the duration of the lesson you could assume)

This has resulted in NCA announcing a new initiative to divert young people away from criminality has been launched after cyber attacks designed to block access to schools’ networks or websites more than doubled during the Covid-19 pandemic. 

Data from the National Crime Agency’s National Cyber Crime Unit (NCCU) shows there was a 107 per cent increase in reports from the police cyber prevent network of students as young as nine deploying DDoS attacks from 2019 to 2020.

Many referrals into the NCCU’s Prevent team are for children of secondary school age, with the median age at 15 and the youngest at nine. Now the NCA and Schools Broadband, part of the Talk Straight Group, have launched a new initiative aimed to educate students who search for terms associated with cyber crime on school computers.

Instead of reaching an access denied ‘block’ page, students will instead see a warning message and suggested redirection to the Cyber Choices website (www.cyberchoices.uk), which aims to educate children of all ages about the Computer Misuse Act, cyber crime and its consequences. Often referrals involve the use of stresser or booster services. These services cause DDoS attacks, denying access to a network or website of an organisation, and can cause major disruption to schools and colleges. 

The initiative, which has been in trial stages, has shown a significant reduction in stresser and booster searches over a period of four weeks. It will now go live in excess of 2,000 primary and secondary schools ahead of a roll out to further schools and colleges across the country. John Denley, Deputy Director of the NCA’s National Cyber Crime Unit, said:

“Education is a key pillar in preventing crime and these messages highlight the risks and consequences of committing cyber offences, which can result in a criminal record. “Law enforcement plays a critical role in tackling cybercrime and keeping the country safe. School outreach is important to educate a younger audience and this initiative will continue to help divert young people away from criminality. 

“This is a great example of the private sector helping us deliver the Cyber Choices message.”Damian Hinds, Security Minister, said: “Tackling cybercrime is at the heart of the Government’s new National Cyber Strategy. “We need to equip this generation with the best digital skills and to assist them in making the right choices online. “It’s great to see cooperation between law enforcement and the private sector in delivering important initiatives like this one to prevent students from getting involved in cybercrime.”

Advertisements

David Tindall, CEO of Talk Straight, said:

“By working in partnership with the National Crime Agency, we are helping to make the online world a more secure place. We’re building not just safety into our web filtering, but education too, helping combat potential criminal activity proactively instead of tackling it afterwards. “If we can educate children and inform them that these activities are dangerous and can result in criminal prosecution, we can potentially prevent a future cyber criminal. “This is our contribution, to prevent a ripple effect of online criminality, that has the potential to be felt beyond the individual and go nationally, and even globally.”

Digital divide

Chi Onwurah, Labour MP for Newcastle upon Tyne Central and shadow digital minister, said: “The government’s last-minute U-turn on the school lockdown has left parents and teachers struggling to arrange home schooling. “There are currently nearly two million households in the UK without internet access, leaving families cut off as they make great sacrifices for all of our safety. This means some children have no access to schooling, and that is completely unacceptable.”

Research from communications regulator Ofcom estimates that between 1.14 million and 1.78 million children in the UK don’t have access to a laptop or device for home schooling, and 7% of households can only access the internet through mobile connectivity. Early in the first week of the school term, Labour urged the government to adopt its recommendations for delivering technology for at-home schooling, and Onwurah said the country would “pay the price” for the government’s “failure” to ensure everyone has access to the technology they need.

Research by Nominet found that half of parents were worried that not having digital access would be detrimental to their children’s education, and 20% said they couldn’t provide uninterrupted access to online learning at home for their children. Nominet also found that 21% of parents had to share devices with their children, making it difficult to juggle home working and home schooling.

“There is a huge digital divide, and it is getting worse with schools being shut down due to Covid-19. Teachers and school leaders are trying their best to continue with online teaching by providing resources, virtual check-ins and recorded lessons,” said EdTech adviser and consultant Joysy John, who added that many children could not access these services due to a lack of technology or connectivity. “There are many new initiatives like Oak National Academy, National Tutoring Programme and free resources from Edtech companies, but these benefit those who already have digital access. So the digital divide is going to get wider unless the government thinks of a more holistic approach and provides disadvantaged parents with additional financial and educational support.”

Once the lockdown was announced, education secretary Gavin Williamson outlined a number of plans for remote education, including the mandate for schools to provide a set number of hours of “high-quality remote education for pupils”. This is of no help to those without access to online learning, so the government has tried to address the digital divide causing disparity in home schooling during pandemic lockdowns by giving laptops to those from underprivileged backgrounds – something it began doing in the UK’s first lockdown.

Advertisements

What’s being done

The government has said it will be providing up to one million children with devices to help them learn from home – these will not be given directly to pupils, but to schools that apply for them on behalf of their students.

More than 500,000 devices were provided to schools in 2020, and a further 100,000 were sent out in the week the third lockdown was announced, with the Department for Education (DfE) estimating the second week of the 2021 spring term would see around 750,000 devices having been issued.

What Is a Distributed Denial of Service Attack?

A Distributed Denial of Service (DDoS) attack is where a cyber criminal uses resources from multiple, remote locations to attack your organization’s online operations. The result is that your organization experiences a crippling interruption in one or more of its services. There are several ways to create a DDoS attack, and it constitutes one of the top four cybersecurity threats of our time.

It’s easy to confuse DDoS attacks with three other major threats, including social engineering, supply chain attacks and ransomware. For example, in 2019, the city of New Orleans was held hostage when attackers used ransomware to lock up critical servers and workstations used to provide services throughout the Crescent City. But ransomware attacks generally aren’t considered DDoS attacks.

In a DDoS attack, such as the one targeted at the Minneapolis city government in May 2020, threat actors take advantage of expected, default behavior of network devices and servers to cripple organizations. Last June, Australia experienced a larger, sustained, state-sponsored DDoS attack that left officials scratching their heads.

A DDoS attack is different than standard denial-of-service attacks. A denial-of-service attack doesn’t use multiple, randomized, distributed resources. DDoS cyber attacks are therefore more difficult to mitigate.

Though estimates vary, all authoritative research indicates that the number of DDoS attacks has increased. Cisco Networks predicts these attacks will double between 2018 and 2023. Akamai Services, a key Web and Internet services provider, has noted how they have grown more common, and more powerful.

DDoS Attack Motives

Some cyber criminals are ideologically motivated, attacking governments as part of a protest. Others use DDoS attacks as an extortion technique. Still others use them to disrupt communication in a coordinated effort to decapitate governments by limiting information and eliminating command and control. We need to carefully consider the implications of these motives.

DDoS Attack Types

Types of DDoS attacks include:

1. Application Layer: Attacks on the actual software that provides a service, such as Apache Server, the most popular Web server.

2. Protocol: When an attack consumes the resources of critical servers and network-based devices, such as a server’s operating system or its firewalls and load balancers.

3. Volumetric: These focus on exploiting the normal operations of the Internet to create tremendous floods of network traffic that then consume the victim organization’s bandwidth. This makes an organization’s resources unavailable.

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Advertisements
Advertisements