Kaspersky Security Bulletin

Education predictions 2021

Changes in the education system have been brewing for a long time, with digitalization as the main direction of this transformation. The breakthrough came this year as about 1.5 billion students were unable to attend school due to the COVID-19 pandemic. As a result, educational systems all over the world underwent significant change. Educators were forced to master new tools like Zoom, while maintaining the quality of education as they taught online.

This digitalization of education is likely to continue, which is good and bad at the same time. On the one hand, there are new tools and possibilities including ones that were originally not associated with education at all. TikTok accounts used for online instruction are a good example. Initially, teachers shunned the platform, preferring YouTube instead, but in 2020, TikTok became a popular choice for distributing educational content. On the other hand, many of these new digital educational tools are both enhancing the educational experience and introducing new threats. Here are the ones most likely to pose the biggest risks in the coming year.

  1. Development of educational Learning Management Systems. LMSs enable teachers to track students’ learning process, showing their progress and aspects that require the teacher’s attention. While there already are several well-known systems (Google Classroom, Frog, etc.), the market for new LMS systems will only continue to grow.
    As the number and popularity of LMSs rises, the number of phishing sites associated with educational and videoconferencing services will grow, too. Their main goals are stealing personal data or spreading spam within the educational community. Already in the spring of 2020, 168,550 unique users encountered various threats distributed under the guise of popular online learning platforms or videoconferencing applications, a 20,455% increase when compared to 2019. In addition to that, LMSs open up the potential for new, unexpected threats, such as Zoombombing. Especially if schools continue to conduct remote learning, these systems will continue to be a popular attack vector.
  2. More attention will be paid to video services, such as Youtube, Netflix, SchoolTube, KhanAcademy, etc. There will be more creation of educational video content either existing as finished product or partially used by teachers in the classroom. In fact, about 60% of teachers already use YouTube in the classroom.
    While videos can be a powerful educational tool, there is also a lot of age-inappropriate content that can be found on popular video services (YouTube/TikTok/Instagram, etc.), and creators of this content may use educational topics to attract attention. This threat is not new, but with the growth of digitalization, its relevance will grow too.
  3. Use of social media tools in the educational process. Social media (Instagram, Twitter, etc.) can be a great way to encourage students’ engagement during and after classes, and serve as a way for teachers to connect with their students. However, there are threats relating to content regulation. Currently, teachers or service administrators have to manually regulate content in LMSs and videoconferencing applications – it is a big task. Moderating content on social media platforms or online group chats is an even bigger one – especially in public groups or chats. That paves the way for inappropriate content, offensive comments and cyberbullying.
    Privacy is another concern. A poorly configured application or service is a well-known way of compromising personal data, even without special tools or vulnerabilities. In our case, students and teachers can be victims of such attacks.
  4. Gamification of the educational process. Almost everyone at school already knows about learning with Minecraft, but apart from that game, there are many services that allow you to learn through playing (While True: Learn, Classcraft, Roblox, etc.). However, as soon as you incorporate games into the classroom, you expose students to the same types of risks they would be facing while gaming from home: trolls and bullying, malicious files disguised as game updates or add-ons, etc.

In fact, privacy will be the biggest concern in the near future. Managing it in any service requires the user’s involvement, but many users, especially younger children, do not know how to appropriately control their privacy settings. Also, there are many services that provide tools for setting up the educational process online, and educators will most likely be using more than one. As a result, for each tool and in each case, they will need to pay special attention to protecting not only their personal information, but also their students’ data.

Education predictions 2021


Your email address will not be published. Required fields are marked *



  1. Peter

    thank for the report and content, it is very useful one.


Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox