Cybercriminals Turn Guns to Education Sector With Ransomware Attacks

The education sector experienced the highest rate of ransomware attacks in 2022 according to a new report by cybersecurity service firm Sophos.

Titled “The State of Ransomware in Education 2023” the report shows that 79 percent of higher educational institutions and 80 percent of lower educational institutions reported being targeted by ransomware, indicating a rise from the previous year’s figures of 64 percent and 56 percent, respectively.

Education sector also witnessed a significant proportion of ransom payments, with 56percent  of higher educational institutions and 47percent  of lower educational institutions choosing to pay the ransom.

However, it was discovered that paying the ransom led to a considerable increase in recovery costs for both categories.

Ransomware Attacks on Higher Education

For higher educational institutions, recovery costs were $1.31 million when paying the ransom, compared to $980,000 when relying on backups.

Similarly, lower educational organizations faced average recovery costs of $2.18 million when paying the ransom, versus $1.37 million when not paying.

“While most schools are not cash-rich, they are very highly visible targets with immediate widespread impact in their communities. The pressure to keep the doors open and respond to calls from parents to ‘do something’ likely leads to pressure to solve the problem as quickly as possible,” reads the report in Part

READ ALSO: Vishing, Smishing and Phishing the Leading Types of Fraud in Kenya

Furthermore, victims who paid the ransom experienced prolonged recovery times.

Among higher educational organizations, 79 percent of those using backups recovered within a month, whereas only 63 percent of those who paid the ransom achieved the same timeframe.

 For lower educational organizations, 63 percent of those utilizing backups recovered within a month, compared to only 59percent of those who paid the ransom.

Chester Wisniewski, field CTO at Sophos, emphasized that schools, despite not being cash-rich, are highly visible targets with a significant impact on their communities.

The pressure to respond quickly to such attacks often leads to paying the ransom without considering the cost implications.

However, data suggests that paying ransoms does not necessarily resolve the attacks faster, but it does make educational institutions more attractive targets for cybercriminals.

Impact of the Attacks

The root causes of ransomware attacks in the education sector aligned with those seen across all sectors, with compromised credentials playing a significantly greater role in both higher (37 percent ) and lower (36percent ) educational organizations compared to the cross-sector average (29percent ).

Other noteworthy findings from the report include:

•             Exploits and compromised credentials were responsible for 77 percent of ransomware attacks on higher educational institutions and 65percent  on lower educational institutions.

•             The rate of encryption remained steady for higher educational institutions (74 percent in 2021 to 73percent in 2022) but increased from 72 percent to 81 percent for lower educational institutions during the past year.

•             Higher educational institutions reported a lower rate of using backups (63 percent) compared to the cross-sector average (70percent ), while lower educational organizations had a slightly higher rate (73percent ) than the global average.

•             Lack of adoption of multifactor authentication (MFA) technology in the education sector made it more vulnerable to credential-based attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Samsung Launches 5th Generation Galaxy Z Flip & Z Fold Smartphones

Thu Jul 27 , 2023
Share on Facebook Tweet it Share on Reddit Pin it Share it Email Samsung Electronics has announced its fifth generation of Galaxy foldables: Galaxy Z Flip 5 and Galaxy Z Fold5. The launch event took place at Shamba Café in Nairobi and was attended by tech enthusiasts from the East […]

You May Also Like

Chief Editor

Jacktone Lawi

Meet Jacktone Lawi, a seasoned technology journalist with years of experience in the industry. I have developed my passion for technology during my formative years, which has been instrumental in shaping my career trajectory. My expertise lies in reporting on emerging technologies and their impact on businesses and consumers worldwide. Through my experience I’m well-versed in covering topics such as artificial intelligence, blockchain, cybersecurity, cloud computing, and digital transformation, among others. Throughout my career, I have has demonstrated an exceptional ability to distill complex technical information into accessible and engaging content that resonates with my readers. My writing style is clear, concise, and informative, allowing me to communicate even the most technical concepts to a broad audience. Beyond my writing skills, I have also become known for extensive network of industry contacts and ability to secure exclusive interviews with high-profile figures in the technology world. These connections have enabled me to gain unique insights into the latest trends and developments in the field, giving me a competitive edge in my reporting. In addition to my work as a journalist, I’m also actively engaged in the broader technology community. Where I regularly attend conferences and events, share insights and stays up-to-date on the latest innovations in the industry. Overall, my wealth of experience as a technology journalist have given me a deep understanding of the industry and its impact on society.

Quick Links