Jun 6
2023
Ransomware’s Prime Target: Securing Educational Institutions
By Anthony Cusimano, director of technical marketing, Object First
In recent years, ransomware has become the most destructive cyber threat impacting industries of all sizes –in the first half of 2022, there were over 236 million ransomware attacks worldwide. Threat actors have launched ransomware attacks on various targets, including businesses, hospitals, supply chain infrastructures, and education systems, to extort money in exchange for stolen data.
According to a 2022 year-end report, schools sustained the same number of ransomware attacks in 2022 as in 2021, with the most significant attack being Los Angeles Unified School District, which included over 1,300 schools and 500,000 students. While the goal of educators is to establish secure learning environments for students – be it through online or in-person education – far too many are faced with the challenge of ever-increasing ransomware attacks that makes safeguarding IT environments to ensure data protection difficult.
Education systems shouldn’t have to suffer the continuous data theft and extortion that the past few years have burdened them with. By incorporating affordable ransomware-proof tools, these organizations can ensure the safety of backups and effectively defend against ransomware attacks without paying the ransom.
Why the education system continues to be a prime ransomware target
Schools have a wealth of sensitive information about their students and faculty on hand for cybercriminals to target. This includes information such as financial aid records, birth certificates, behavioral records, and addresses that, if left unprotected, can be stolen and sold on the dark web.
Ransomware attacks pose the most significant cybersecurity risk regarding operational disruptions and overall expenses for K-12 schools and districts. This is often because these school systems need more money and education to adopt proper security tools. Within school systems, allocating resources to defend against cyberattacks is restricted by a limited budget, resulting in inadequate IT infrastructure and smaller teams – further weakening visibility to detect potential threats before it’s too late. Because of this, when compared to other industries, the education system falls short of proper protection.
But that’s not all. While there are many reasons why ransomware attacks against education systems have been and continue to remain rampant, a primary reason for this surge is that the COVID-19 pandemic increased reliance on virtual platforms for students to participate in remote learning. This shift created an even larger threat landscape for an underprepared and under-resourced industry, expanding vulnerabilities while perpetuating increased data being stored electronically. This, paired with a strained IT budget and lack of dedicated resources to fight ransomware, has left schools open for attackers to capitalize on.