DDoS Attacks Are Coming Back to School

September 26, 2016

netscoutIt is that time of year, where kids of all ages are heading back to school, with fresh, unwrapped school supplies in their backpacks with their smartphones, tablets, and laptops.

Teacher and school administrators are busy preparing for their new incoming class of students, entering in student data, setting up distribution lists, updating their syllabuses, and setting up their grading systems among the many things our teachers do for our children.

Hard at work behind the scenes are the computers, networks, servers, applications, and cloud infrastructure that supports all of the applications that our teachers, administrators, and students depend upon throughout the school year.

While all of these various technologies have enabled a modern teaching and learning experience and provided efficiencies to our school systems, their availability is under appreciated. As we have come to rely on these technologies more, their availability has grown in importance as well.

Traditionally we think of the availability of our school in terms of the building(s) being open or closed, such as closed for a snow day, or worse for a natural disaster. But what happens when one piece of IT infrastructure that is used every day in our schools does not work? What happens if there is no internet access?

Cloud-based solutions are not helpful, unless classes are moved to the local coffee shop, but only so many students can fit thought the doors. What happens if the server hosting exams or grades goes down during finals? Do students get sent home indefinitely until the problem is fixed.

One of the widest ranging threats to an educational institution’s Information infrastructure today are Distributed Denial of Service (DDoS) attacks. These attacks are very common on the networks of our colleges and universities and are increasingly being seen at high schools across America.

At Arbor we have worked with educational institutions to implement comprehensive solutions to protect against DDoS attacks, including a group of state and regional educational organizations with a combined network that supports more than 1.4 million students and school internet access.

The network provides access to high stakes online testing, such as PARCC, AIR, and MAP1 and supports integrated Education Management Information Systems with student data reporting, student information systems, and state fiscal software applications.

The shared network was experiencing an increasing number of DDoS attacks – 28 attacks in 28 days was reported at one time. Adding to the issue was that not all the attacks throughout the network were detected or reported. Administrators were aware of “low and slow” DDoS tactics targeting applications with lesser volumes of traffic that were very difficult to identify.


Leave a Reply