Ransomware attacks have increased in the news since 2020. Attacks on education are on the rise. With all that schools faced with the outbreak of COVID 19, the attention towards Cybersecurity Protection has been just one of the many challenges school leaders face. Hackers know this–making schools an easier target and because schools are often ill-equipped to deal with the threat, many are paying the ransoms.

According to a recent article in zdnet.com, the number of ransomware attacks against schools and universities are on the rise and cyber criminals go after what they perceive to be an easy and lucrative target. Ransomware attacks targeting the education sector have risen sharply worldwide.

Globally, 56% of K-12 schools and 64% of colleges and universities report being hit by an attack in the past year, according to an independent survey of 5,600 IT professionals in 31 countries by British security software and hardware company Sophos.

In 2021, the survey found 44% of respondents across both sectors reporting an attack. Of this year’s respondents, 320 were from lower education organizations — which include primary, secondary, elementary, high school and K-12 institutions.

The average ransom paid by schools after an attack has been $1.97 million based on research by Sophos. According to Chester Wisniewski, principal research scientist at Sophos, “Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold.”

Further findings by Sophos states that those who pay the ransom get some data back but it is far from all. According to Sophos, only 61% of data is restored after paying the ransom. This requires schools to incur the cost of the ransom and the time and resources to put into further repairing the network.

Among lower education respondents, 47% reported an increase in volume of cyberattacks, 50% reported an increase in complexity, and 49% reported an increase in impact. Regarding ransomware attacks in particular, 72% of lower education respondents said data was encrypted during the attack, compared to an average of 65% across all sectors, suggesting that education is underprepared for these cyberattacks and lacks necessary defenses.

While 99% of lower education organizations reported getting some encrypted data back following a ransomware attack, only an average of 62% of data was restored after a ransom was paid. Just 2% of respondents reported getting all encrypted data back following a ransom payment.

The best approach is a combination of prevention and monitoring. Vartek’s 10 Step Approach to Cybersecurity offers schools an enhanced solution to fight cyber crime. Vartek Services offers vulnerability assessments to schools and will offer recommendations and solutions to reduce risk and vulnerabilities.

###

If you are interested in learning more, please contact info@vartek.com. Our team will be happy to meet with you and discuss steps that you can take against cyber threats.