August 04, 2021 | Marco De Pauw

New school year, new DDoS attacks: Is your school prepared?

Summary: Educational institutions were a constant target of ransomware and Distributed Denial-of-Service (DDoS) attacks last year. In preparation for the upcoming school year, learn how DDoS impacts education and what can be done about it.

Alarm clocks are set, buses are lined up and the bells are ringing loud and clear. All of this can only mean one thing: Schools are back in session.

smiling woman with book and laptop

Since the global pandemic, we’ve witnessed the resiliency of schools as they became more reliant on remote learning applications and capabilities. As many institutions are preparing to welcome students back to campus for the first time since March 2020, administrators, faculty and staff are left to grapple with how to return to “normal.” At the same time, many organizations have embraced online and hybrid learning as a core component of the future of teaching.

But with online learning comes online complications. If we look back at the previous school year, we notice that education fell victim to tens of thousands of DDoS attacks. Best defined by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), a DDoS attack occurs when legitimate users are unable to access information systems, devices or other network resources due to the actions of a malicious cyber threat actor. Affected services may include email, websites, online accounts or other services that rely on the affected computer or network.

Around 2.9 million DDoS attacks were launched in the first quarter of 2021, and of those 45,000 were aimed at the education sector—a 41 percent increase over the previous three quarters.1 These attacks are not only more frequent but also increasing in complexity. Advancements in ransomware mean that DDoS attacks are becoming a vector for extortion, with threat actors using pre-ransom emails with a promise of future attacks to your networks and online presence. The intent of the impending DDoS attack is to overwhelm your Internet connections with higher volumes of malicious traffic over extended periods. Schools may not even be aware they’re under a DDoS attack, as the resulting issue could appear as nothing more than a service interruption. Whatever the disguise, the result is clearly a massive waste of resources and a lack of resolution, with the actual threat still very much present.

DDoS on the offense

Despite reaching a record-breaking number of DDoS attacks in this sector, the frequency of these attacks shows no sign of slowing down. While there are a number of motives behind these online assaults to education institutions, it might be interesting to find that many have been caused by students using external, cheap sources and sites. The other notorious culprits are cybercriminals on a mission to steal intellectual property, from which they are making a profit and also using for future attacks.

Let’s look at a specific example from a Windstream Enterprise customer. A couple of months ago, we started to see that this institution was undergoing several network interruptions. The school experienced troubles ranging from application downtime to complete network failures, some lasting for minutes and others for hours. Tickets were opened with their service providers, but initially nothing conclusive was found to be causing the issues.

Being their SD-WAN provider, Windstream Enterprise conducted an in-depth investigation to swiftly discover that the service interruptions were the result of repeated DDoS attacks. A quick email to Windstream Enterprise’s DDoS Mitigation team and a thorough customer conversation resulted in an emergency implementation of our DDoS mitigation platform on the customer’s SD-WAN networks. The DDoS Mitigation team was able to scrub the bad traffic and allow the good traffic through to the customer—their service interruption thus resolved.

How can schools protect themselves?

One of the things that makes DDoS attacks such a big threat is that they prevent legitimate network requests from getting through. This causes organizations to lose money, uptime, etc., and in the case of education it directly impacts critical online learning operations. Among the many consequences, these attacks can instantly damage a school’s reputation or cause it to lose funding.

Because DDoS attacks in education show no signs of ceasing or decreasing, education administrators must ensure necessary precautions are taken to lessen the risk of falling victim to a dreaded DDoS attack. Organizations need cost-effective measures implemented to protect their Internet, such as DDoS mitigation services to proactively monitor and prevent an outage by reducing the severity of an attempted denial of service.

In our example scenario, Windstream Enterprise was able to establish a baseline of the school’s network after a few days of monitoring. This allowed the DDoS mitigation platform to automatically detect and alleviate future attacks in a matter of seconds.

As this school enters the new academic year, there is no longer a need for it to worry about these crippling events. As soon as an event is triggered, the fully managed DDoS mitigation platform scrubs any malicious traffic. In addition, a security analyst from Windstream Enterprise monitors the attack in real time, ensuring mitigation adjustments are made if the attack patterns change.

Safety first

Every enterprise—across all regions, industries and business sizes—is at risk of these attacks. And any network downtime can materially impact a business’s performance and expose it to data exfiltration by cybercriminals. DDoS mitigation services are a valuable asset to an organization’s complete security strategy in order to ensure business continuity and resiliency.

Cyberattacks are on the rise and there’s no sense worrying about if you’ll become a target. If you’re connected to the Internet (who isn’t nowadays?), it’s just a matter of time. Fortunately, there are ways to mitigate the impact of DDoS attacks: active awareness and implementation of solutions to allay possible attacks or network compromises are great places to start.

Make this the best school year yet by being prepared for anything.


  1. Hildebrand, Carol. “The Beat Goes On.” NetScout. May 17, 2021.

Key takeaway: Don’t wait for DDoS attacks to come to you this school year. There are solutions, such as DDoS mitigation services, that will lessen the impacts of these crippling attacks.

Marco De Pauw

Marco is the director over the Cyber Security Operations Center (CSOC) and is responsible for the implementation, support, and monitoring of Windstream’s Enterprise’s Managed Network Security products.