Indian educational institutions recorded more than two lakh cyberattacks and nearly four lakh data breaches in a nine-month period, exposing severe weaknesses in the sector’s digital defences, a new pilot study has found.
The research, conducted under the CyberPeace Foundation’s flagship e-Kawach initiative in partnership with DELNET, Resecurity, and Autobot Infosec, covered July 2023 to April 2024. The findings were released alongside the launch of the “Cyber First Responder” programme, aimed at training students, faculty, librarians, and staff to counter cyber threats, deepfakes, and AI misuse.
Data Protection and DPDP Act Readiness: Hundreds of Senior Leaders Sign Up for CDPO Program
High Exposure and Weak Credentials
The study, titled Exploring Cyber Threats and Digital Risks to Indian Educational Institutions, found that Indian academic institutions may be up to five times more susceptible to cyber breaches than those with stronger safeguards. It recorded over 8,000 unique usernames and 54,000 unique passwords used in brute-force attacks.
Commonly targeted usernames included “root” and “admin”, while widely used and easily guessed passwords such as “123456” and “password” topped the list. The potential fallout from such breaches ranges from phishing scams and faculty impersonation to deepfake exploitation, exam paper leaks, and theft of sensitive research data.
Call for Proactive Digital Defence
National Law University-Delhi Vice Chancellor Professor (Dr) G. S. Bajpai emphasised the need for adaptive systems capable of responding quickly to disruptions. DELNET Director Dr Sangeeta Kaul described the Cyber First Responder programme as a forward-looking approach to shaping digital security rather than reacting after incidents occur.
CyberPeace Foundation founder Vineet Kumar called the findings a “wake-up call” for India’s education sector. He stated how digitisation without cybersecurity is like building a house without doors or locks. Innovation cannot thrive without resilience,
The newly launched Cyber First Responder programme aims to create a strong first line of defence in educational institutions, equipping members to address cyber risks and prevent misuse of emerging technologies. The initiative underscores growing concerns about the vulnerability of academic environments in the face of increasingly sophisticated cyber threats.