Schools and universities are increasingly becoming victims of ransomware attacks. This is the conclusion of a recent report by Malwarebytes' threat intelligence team.
In May 2023, there were 30 known attacks on the education sector worldwide - according to Malwarebytes, the highest number since early 2022 and the continuation of a trend that has also become increasingly apparent over the past twelve months.
Between June 2022 and May 2023, Malwarebytes was able to identify a total of 190 known ransomware attacks on educational institutions. Between the first and second half of this period, the number of attacks increased by 84 percent.
Outdated technology due to tight budgets
🔎 Known ransomware attacks on education, June 2022 to May 2023 (Image: Malwarebytes)
"Ransomware groups targeting the education sector is a trend that we expect to continue or even increase," said Mark Stockley, Cyber Evangelist at Malwarebytes. “The tight budgets of many educational institutions mean that they are struggling with outdated equipment and understaffing. This makes them an easy target for ransomware. This is why education is so important here, because the more the education sector knows about ransomware threats, the better their chances of successfully defending themselves against such attacks.”
Vice Society responsible for most of the attacks
🔎Distribution of Vice Society attacks compared to other ransomware groups, June 2022 to May 2023 (Image: Malwarebytes)
The attacks were carried out by a variety of different ransomware groups. However, Vice Society was responsible for the majority, with 43 attacks (equivalent to 23 percent of all known attacks on the education sector). The group specializes in attacks on the education system. Almost half of their activities (43 percent) are directed against this sector.
Other ransomware groups
Other groups targeting education between June 2022 and May 2023 include LockBit with 33 attacks, BianLian with 18 attacks, Royal with 16 attacks, and AvosLocker with 15 attacks. A total of 26 different ransomware-as-a-service (RaaS) groups contributed to the total number of attacks on education.
Five ransomware attacks in Germany in the last year
🔎 Known attacks on education by country, June 2022 to May 2023 (Image: Malwarebytes)
Ransomware attacks on education are a global phenomenon. The US is the most common target with 107 known attacks (roughly 56 percent of all attacks), followed by the UK with 28 attacks (15 percent). Germany follows in fifth place with five attacks.
Measured by the total number of ransomware attacks in each country, the education sector in the UK was comparatively more affected: from June 2022 to May 2023, 15 percent of the total known attacks in the UK targeted this sector. In Germany, four percent of all ransomware attacks are in the education system, in the USA it is eight percent.
Typically, ransomware groups spread their attacks across multiple countries and target different geographic targets. However, Vice Society is doing the opposite: The group is heavily focused on the United Kingdom, where it was responsible for 64 percent of the known attacks on British educational institutions between June 2022 and May 2023.
More at Malwarebytes.com
Via Malwarebytes Malwarebytes protects home users and businesses from dangerous threats, ransomware and exploits that are undetected by antivirus programs. Malwarebytes completely replaces other antivirus solutions in order to avert modern cybersecurity threats for private users and companies. More than 60.000 companies and millions of users trust Malwarebyte's innovative machine learning solutions and its security researchers to avert emerging threats and eliminate malware that antiquated security solutions fail to detect. You can find more information at www.malwarebytes.com.