The year 2022 experienced the highest number of ransomware attacks in the education sector. Assault rates increased by 56 percent at higher education institutions and 64 percent at lower education institutions compared to the previous year.
According to “The State of Ransomware in Education 2023” report published by cybersecurity firm Sophos, ransomware attacks accounted for 79% of total attacks in higher education institutions and 80% of lower education institutions in 2022.
According to the report, one of the most ransomed sectors was the education sector.
The report found that more than half (56%) of higher education institutions and almost half (47%) of lower education institutions paid the ransom. Paying ransoms has increased data recovery costs for both higher and lower education institutions. Data recovery costs (excluding ransom money) during ransom payments to higher education institutions were $1.31 million. But by using backups, the ransom cost was reduced to $980,000.
According to the report, the amount of data recovery time also increases due to paying the ransom. 79 percent of higher education institutions that used backups were able to restore data within a month. Whereas only 63 percent of ransom providers were able to recover data within the same timeframe. Again, 63 percent of backup users in lower education institutions recover data within a month. Whereas, only 59 percent of ransom-payers were able to recover data.
In the report, Sophos offers some advice on how to protect against ransomware and other cyberattacks in the education sector. These include using endpoint protection with anti-exploit capabilities and zero trust network access (ZTNA) and changing technologies to counter attacks on vulnerable areas. Advised-Adoption of in-house or managed detection and response (MDR) services and regular backup of data, and data recovery practices from there.
Total views: 891