Schools Are the Most Targeted Industry by Ransomware Gangs

According to cybersecurity firm Sophos and VPN service provider AtlastVPN, the education sector is the most vulnerable and targeted by ransomware attacks.

KEY FINDINGS

• 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year.

• Education is the most targeted industry by cybercriminals, primarily motivated by the high percentage of schools choosing to pay the ransom.

• The recovery costs from ransomware attacks have remained steady at around $1.59 million in 2023 and 2022 for lower education providers, while recovery costs in higher education have decreased significantly from the $1.42 million reported last year to just over $1 million in 2023.

• Education providers lack the funds that large corporations have to invest in robust cybersecurity measures and even staff training, leading to many loopholes sophisticated hacker groups can exploit.

• The Biden-Harris Administration has announced a $200 million initiative over three years to bolster cyber defences in K-12 schools.

As the 2023 academic year begins, schools across the globe are facing a growing cybersecurity threat: ransomware attacks. A new report from Atlas VPN reveals that 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year, making the education sector the most targeted industry by cybercriminals.

“It is worth noting that the report was based on findings from the cybersecurity firm Sophos, which revealed (PDF) the concerning statistics in its July 2023 whitepaper.

Why Education Providers Are Targeted

There are a few reasons why education providers are so frequently targeted by ransomware attacks. First, schools often have large amounts of sensitive data, such as student records, financial information, and intellectual property. This data is valuable to cybercriminals, who can sell it on the dark web or use it for other malicious purposes.

Second, schools are often understaffed and have limited resources to invest in cybersecurity. This makes them more vulnerable to attacks.

Third, many schools are unaware of the latest cybersecurity threats and best practices. This lack of awareness can make them easy targets for cybercriminals.

The Impact of Ransomware Attacks on Education Providers

Ransomware attacks can have a devastating impact on education providers. When a school is hit by a ransomware attack, its computer systems are encrypted and held hostage by the attackers. The school must then pay a ransom to the attackers in order to regain access to its data.

Ransomware attacks can also disrupt educational activities, leading to delays in examinations, admissions processes, and research activities. In some cases, schools have even been forced to close their doors for days or even weeks after a ransomware attack.

The Biden Administration’s Response

On August 7, 2023, the Biden-Harris Administration released a statement outlining new efforts to strengthen America’s K-12 schools’ cybersecurity. The new initiatives aim to provide up to $200 million over three years to bolster cyber defences in K-12 schools.

A Government Coordinating Council will also be established to facilitate communication between federal, state, local, tribal, and territorial education leaders to enhance US schools’ cyber defences and resilience.

How Education Providers Can Protect Themselves from Ransomware Attacks

According to AtlasVPN’s report, there are a number of steps that education providers can take to protect themselves from ransomware attacks. These steps include:

• Implementing robust cybersecurity measures, such as firewalls, intrusion detection systems, and data encryption.
• Conducting regular security awareness training for employees on how to identify and avoid phishing attacks and other social engineering scams.
• Maintaining regular backups of data and systems so that they can be restored quickly in the event of an attack.
• Having a plan in place for responding to a ransomware attack, including a process for communicating with students, parents, and staff.

Conclusion

Ransomware attacks are a serious threat to education providers of all sizes. By taking the steps outlined above, education providers can reduce their risk of being attacked and mitigate the impact of an attack if it does occur.

Additional Information

The Biden Administration’s new efforts to strengthen America’s K-12 schools’ cybersecurity are a welcome step. However, more needs to be done to protect education providers from ransomware attacks.

Governments around the world should work together to develop and implement international cybersecurity standards for education providers. These standards should include requirements for robust cybersecurity measures, employee training, and incident response plans.

Education providers should also be provided with financial assistance to implement these standards. Many schools simply do not have the resources to invest in robust cybersecurity on their own.

By taking these steps, we can help protect education providers from ransomware attacks and ensure that students have access to a safe and secure learning environment.

RELATED TOPICS

1. MarsJoke Ransomware Targeting Educational,
2. How Technology Has Altered the Education Landscape
3. Thousands of Android apps for kids secretly tracking their activities
4. New Akira Ransomware Targets Businesses via Exploited CISCO VPNs
5. Institute of International Education leaks data of thousands of students