The zero-day cyberattack affecting the Witwatersrand University’s Oracle e-business system, reported last weekend, points to a wider systemic vulnerability within the education sector.
According to Check Point Software Technologies, education is among the most vulnerable to cyber criminals across the globe.
The company’s September 2025 Global Threat Report shows education is the most targeted globally, experiencing an average of 4 175 weekly attacks per organisation (–3% YoY).
“This consistent targeting reflects both the education sector’s rapid digital transformation – which expands its attack surface – and its typically underfunded cyber security defenses, which make it a frequent and easy target for cybercriminals,” says Lionel Dartnall, country manager SADC at Check Point Software Technologies.
“Schools and universities, with their treasure troves of sensitive data including personal information of students, faculty, and staff, as well as academic records, research, and intellectual property, make it a prime target for cybercrime,” he adds.
“With their large, often open networks and a wealth of critical data, universities and colleges are also increasingly vulnerable to exploitation, whether for financial gain, intellectual property theft, or other malicious purposes.”
In addition to these risks, students and staff frequently connect to unsecured networks, such as public WiFi, and use personal devices that may not be properly protected.
This increases vulnerabilities, making educational institutions even more susceptible to breaches. The consequences of such breaches can be severe – jeopardising student safety, damaging institutional reputation, and undermining academic integrity. Moreover, they can disrupt day-to-day operations and erode trust in digital systems.
“The rise of online learning platforms too, has increased cyber risks, as schools and universities often neglect cybersecurity, making their networks vulnerable. Involving diverse groups like students, teachers, parents, and professionals creates more weak spots for malware and unauthorised access to sensitive data,” says Dartnall.
Other aspects affecting the cyber security landscape in education include:
* Ransomware Evolution: Ransomware attacks exploiting zero-day vulnerabilities have surged, affecting thousands in a single attack. With over 5,000 victims in 2023—a 90% increase from 2022—ransomware is now the top threat from financially motivated attackers.
* Expanding Attack Surface: Attacks on routers, VPNs, and edge devices are increasing, shifting from nation-state actors to financial attackers, highlighting the need for stronger protection.
* State-Affiliated Hacktivism: Nation-states carry out cyberattacks by posing as hacktivists or using affiliated groups.
* Cloud Vulnerabilities: Attackers bypass security by using stolen session tokens to access cloud and remote systems.
* Software Supply Chain Risks: Malicious software packages in open-source repositories are rising, endangering software supply chains.
Check Point director: Africa Lorna Hardie urges tertiary institutions to adopt advanced, integrated security solutions: “This includes AI-powered threat detection, comprehensive endpoint protection, and secure access controls. Equally important is promoting cybersecurity awareness among staff and students, as a collective approach to security helps create a more resilient institution.”