Since the Minister of Education in China has made the policy of "ensuring learning undisrupted when classes are disrupted" for schools to do online education during the spread of COVID-19 pandemic during the second week of February, there has been an explosive increase on the total access data for online education / remote education platforms websites. Lots of famous technical companies in China have also published their own version of online education platform to help achieve an undisrupted education for most of teachers and students.
According to a report provided by DAS-security, there were 4.9 billion access for online education / remote education websites only in China during 1st of January to the end of March. Compared to figures in the past, the number is astounding for many people, including analyzers in the industry.
But with many online education needs fulfilled with these platforms, there were also 96 million Internet attacks to these websites during the same period. In terms of attack types, SQL injection attacks, command injection attacks, and malicious user-agents are in the top three, accounting for 60.7% of the total attack volume. Apart from that, attack methods such as vulnerability protection, protocol violations, file restrictions, file injection attacks, suspected cross-site attacks, SQL blind injection attacks, and cross-site scripting attacks are also worthy of everyone's attention.
What shall we do to prevent being a victim of these Internet attacks? There are 2 major ways to do it.
1. Download online education apps only from formal application stores.
When you need to use some online education apps, do remember to download them from formal application stores, such as AppStore or GooglePlay. Apps from unfamiliar websites are usually uploaded by individual users, which means they are not scanned and can possibly contain Trojans or virus that will cause a leakage of your personal information. On the contrary, formal application stores have a series of evaluation standards for the listed APPs. To a certain extent, it has been screened to achieve official credible certification; and the officially launched Internet systems for official operations have generally completed filing and established certain security and privacy information protection mechanism.
2. Provide your personal information cautiously only to websites that you trust.
For most of online education applications, detailed personal information is usually not needed to enjoy their services. But if you do like to provide your personal information to an application or a website to unlock more fun, say making friends, please be extra careful. Verify if the address of the website that asking for your personal information is still the same one that you usually visit. Check if the application is notorious for user information leakage is another way to protect yourself.
While we take the advantage of technology and learn from home, we should also remember to protect ourselves at any time. Stay safe, stay healthy!