Education sector particularly hard hit by ransomware


According to a study by Sophos, the education sector saw the highest number of attacks and the highest recovery costs in 2020. In its study “Sophos State of Ransomware in Education 2021”, Sophos investigates the extent and impact of ransomware attacks.

The latest ransomware attacks, which are also affecting education, confirm the findings of the Sophos study and the particular vulnerability of educational institutions to cyber threats. The REvil ransomware attack via Kaseya caused a stir in schools in New Zealand, the FBI and the British National Cyber Security Centre are issuing warnings for the education sector, and the BSI is also promoting safe working in everyday digital school life.

The most important research results at a glance

  • Education, along with retail, was hardest hit by ransomware attacks in 2020 (44 percent of businesses versus 37 percent across all industries).
  • For educational institutions, the financial impact of a ransomware attack in 2020 was particularly crippling. The total bill for remediating a ransomware attack in the education sector, including downtime, staff time, equipment costs, network costs, lost business opportunities, ransom paid, and more, averaged $2.73 million, the highest figure across all sectors examined and 48 percent above the global average.
  • More than half (58 percent) of educational institutions affected by ransomware said the attackers had succeeded in encrypting their data.
  • More than a third (35 percent) of the affected institutions gave in to the attackers' demands and paid the ransom. Only in the energy, oil/gas and utilities (43 percent) and local government (42 percent) sectors were more victims willing to pay.
  • The average ransom payment was $112,435 (lower than the global average of $170,404). However, those who paid got only about two-thirds (68 percent) of their data back on average, with nearly a third of the data remaining inaccessible. Only 11 percent received all encrypted data back.
  • Of the institutions that were not affected by ransomware in the last year (55 percent of those surveyed), 61 percent expect to be targeted in the future. The main reasons they cited were that cyberattacks are now so sophisticated (46 percent) and so widespread (42 percent) that they can hardly be stopped.

Was your organization the target of a ransomware attack in the past year? 499 answers (Image: Sophos).

"The education sector has long been an attractive target for cyber criminals," says Chester Wisniewski, Principal Research Scientist at Sophos. "IT and cybersecurity budgets are often very tight and IT teams struggle with limited tools and resources to protect the often outdated infrastructure.

Education sector: low security budgets - high vulnerability

In addition, there is the risky behavior of end users, such as downloading pirated copies. All of these factors increase the risk every year anyway. In the 2020 pandemic, educational institutions also had to switch to virtual learning environments at short notice. There was very little time to think about security or conduct basic cybersecurity training for all new users. This has made the sector even more vulnerable. Attackers quickly seized this opportunity, leaving victims building the IT infrastructure from the ground up with enormous financial repercussions. To protect the network from ransomware, we advise IT teams to focus their resources on three critical areas: building stronger defenses against cyber threats, introducing security training for users and, where possible, investing in more resilient infrastructure."



About Sophos

More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.


 
