Schools are increasingly being hit by ransomware attacks, with 60 percent reporting they were targeted in 2021, up from 44 percent in 2020.
That’s according to new research from cybersecurity firm Sophos that also found that education institutions faced the highest data encryption rate (73 percent) compared to other sectors (65 percent), and the longest recovery time, with 7 percent taking at least three months to recover – almost double the average time for other sectors (4 percent).
“Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold,” said Chester Wisniewski, principal research scientist at Sophos. “Education institutions are less likely than others to detect in-progress attacks, which naturally leads to higher attack success and encryption rates.”
In schools, encrypted data is most likely confidential school records, which means the potential impact is far greater for schools compared to some industries.
“Even if a portion of the data is restored, there is no guarantee what data the attackers will return, and, even then, the damage is already done, further burdening the victimized schools with high recovery costs and sometimes even bankruptcy. Unfortunately, these attacks are not going to stop, so the only way to get ahead is to prioritise building up anti-ransomware defenses to identify and mitigate attacks before encryption is possible,” he said.
However, schools report the highest rate of cyber insurance payout on ransomware claims (100 percent higher education, 99 percent lower education). However, as a whole, the sector has one of the lowest rates of cyber insurance coverage against ransomware (78 percent compared to 83 percent for other sectors).
“Four out of 10 schools say fewer insurance providers are offering them coverage, while nearly half (49 percent) report that the level of cybersecurity they need to qualify for coverage has gone up,” said Wisniewski. “Cyber insurance providers are becoming more selective when it comes to accepting customers, and education organisations need help to meet these higher standards. With limited budgets, schools should work closely with trusted security professionals to ensure that resources are being allocated toward the right solutions that will deliver the best security outcomes and also help meet insurance standards.”
To protect themselves better, schools can install and maintain defences across all points in the environment and review security controls regularly. They can also proactively hunt for threats and work to close security gaps. Schools can also prepare for the worst, and have a plan in place to deal with a worst-case scenario.
The State of Ransomware in Education 2022 survey polled 5,600 IT professionals, including 320 lower education respondents and 410 high education respondents, in mid-sized organisations (100-5,000 employees) across 31 countries.
