Ransomware in Education

If you are a parent of school-aged children, you undoubtedly have experienced the benefits – and struggles – of online learning. Online education and remote learning have been steadily growing over the last several years. That growth exploded in 2020, when the COVID-19 pandemic forced schools, colleges, universities and other educational institutions to close their campuses and shut their classroom doors.

And of course, where technology booms, cybercrime is sure to follow. From Zoom bombing to cyber bullying to ransomware, online learning attracts harmless mischief makers along with dangerous predators and real criminals looking for a payday.

According to a new report, the education sector was one of the two biggest targets for ransomware attacks among all industries (tied with retail). The massive and rapid shift to virtual learning placed a huge burden on educators’ IT departments, many of which already had overstretched budgets. Many were unprepared and undertrained to implement adequate security measures. This, combined with the urgent need for classes to continue, made education a juicy target for ransomware criminals.

Sophos, a leading cybersecurity company and AllSafe IT partner, published a white paper on The State of Ransomware in Education 2021. The survey of 499 IT decision makers at education organizations around the world revealed that:

• 44% of education organizations surveyed were hit by ransomware in the past year
• 58% said that the cybercriminals were able to encrypt their data
• 35% paid a ransom to try recover their data

As far as costs, the average ransomware payment was $112,435. This is a bit lower than the average for other industries. However, education organizations reported that they only received an average of 68% of their data back after paying a ransom. The remaining 32% - nearly a third - of their data stayed encrypted and rendered useless. Only 11% of educators said that they got all their data back after paying a ransom. Needless to say, paying the ransom is a poor strategy for dealing with ransomware.

But ransomware’s financial impact goes far beyond just the ransom amount itself. Since many educational institutions were operating on lower IT budgets, they tended to have outdated equipment and understaffed IT teams. As a result, many were unable to repair the damage caused by a ransomware attack. Instead, their only option was to completely rebuild their IT infrastructures from scratch. This pushed the total cost to recover from a ransomware attack to an average of $2.73 million.

What can Education Organizations do to prevent or mitigate an attack?

AllSafe IT recommends the following best practices:

• Deploy a multi-layered stack of security solutions like AllSafe IT’s Safe Total, which includes endpoint protection, advanced email security, multi-factor authentication, security awareness training and compromised credential monitoring.
• Implement Backup and Disaster Recovery (BDR). Restoring from backup is the easiest, cheapest and most reliable way to restore data after an attack.
• Assume you will be hit. We only hear about huge corporations in the headlines, but organizations of all sizes are targeted. Do everything you can to avoid an attack, but also be prepared for the worst.
• Have a malware recovery plan. Speaking of preparing for the worst, make sure you have an incident response plan in place. This will enable your IT team to quickly mobilize when a ransomware attack starts and may even be able to stop an attack before data can be encrypted.
• Don’t pay the ransom. Organizations that pay ransom only have an 11% chance of getting all their data back. This is a very poor return on investment indeed

AllSafe IT is proud to have spent over 15 years providing IT services to hundreds of companies—many of those within the education sector. Our specialized services are uniquely tailored to provide our customers with the reliability, protection, and fast services needed to ensure 100% uptime and maximized data security. From comprehensive and preventative cybersecurity strategies to 24/7 customer support, AllSafe IT understands the unique needs of educators.

‍