Are Schools the Next Big Target for Ransomware Attacks?

Recently, K-12 schools have experienced a barrage of ransomware attacks, pausing instruction especially among schools engaging in distance learning. Education leaders and concerned parents remain on edge of additional ransomware attacks, and how these attacks will impact students. This blog covers why schools are experiencing an increase in attacks by hackers. Additionally, we discuss best practices for schools in protecting their students from ransomware attacks.

ransomware attacks

How Big of a Problem are School Ransomware Attacks?

The scale of ransomware attacks on schools and colleges is massive and continues to grow. According to a 2020 study by Comparitech over 1,740 separate schools and colleges were potentially affected, a 39% increase from 2019. Additionally, this increase potentially impacted 1,358,035 students – a 67% increase. Even more shocking is that individual ransomware attacks on schools decreased by 20%, meaning hackers are becoming more efficient. Furthermore, malicious actors continue to discover ways to maximize the impact of their attacks with minimal attempts.

Ransomware attacks affect more schools and students than ever, but what about the financial impact? According to the 2020 Comparitech study hackers received at least $1,909,058 in ransom payments. Additionally, the totality of the economic loss created by ransomware is more than just financial. On average, schools lose a full week to downtime and experience an average of 55.4 days before full recovery. The economic cost of this forced downtime in conjunction with ransomware payments is estimated at $6.62 billion. This is an astonishingly high cost, however, the impact that these attacks have on students’ learning adds another layer of expense. Furthermore, students are already dealing with the challenges of learning during a pandemic, so any additional downtime puts them at a further disadvantage.

ransomware attacks in schools

Why Are Hackers Targeting Schools?

The main reason schools remain high-level targets is due to a lack of funding in upgrading their security posture. Historically, IT security has been a challenge that schools continue to struggle with. Moreover, these challenges remain further exasperated by the pandemic. With remote learning initiatives transforming how students receive and consume information, hackers gain new potential access points into school networks. In the era of remote learning, schools are more reliant than ever on technology, and disruption in services significantly impacts both students and faculty.

In resolving a ransomware attack, two options remain available: pay the ransom or restore from a backup. We highly recommend avoiding paying a ransom at all costs. Even if you do pay the ransom, there is absolutely no guarantee you will receive all of your data. In fact, according to a 2021 Sophos study, on average only 65% of your data restores after paying a ransom. However, schools are likely to not have a robust backup and recovery system, which for some leaves educators no option but to pay the ransom. Schools are also likely to have ransomware insurance that will pay the ransom for them in the case that an attack occurs. With the combination of weak security and a high likelihood of a payout, malicious actors continue to increase their attacks on both K-12 and Higher Education school systems.

Identity Theft and Personal Data

A secondary factor that makes schools an attractive target for attackers is the vast amount of personal data that could be compromised in a single attack. The main goal of ransomware hackers is to encrypt an organization’s data and coerce the target into paying a ransom in order to receive the encryption key. In the process of encrypting that data, hackers also can sell that compromised data on the dark web. Identity thieves place a high premium on data like this, especially the personal information of students.

How to Protect Schools from Ransomware

Ransomware is an issue requiring different strategies from multiple angles. Governments and law enforcement are working around the clock to catch the perpetrators of these attacks. In addition, the United States government is even hosting a 30 nation summit on ransomware prevention this October. The summit looks to offer a long-term solution for enhancing nationwide cybersecurity postures. In combating current ransomware attacks, schools must act now in updating IT security plans. To learn more about specific ransomware solutions for K-12 and Higher Education systems use the button below to contact a cyber security expert at Strategic Communications.

Share this Post