08 Aug The Education Sector Reports the Highest Rate of Ransomware Attacks, Sophos Survey Finds
Sophos, a global leader in innovating and delivering cybersecurity as a service, released a new sectoral survey report, “The State of Ransomware in Education 2023,” which found that education reported the highest rate of ransomware attacks in 2022.
Over the past year, 79% of higher educational organizations surveyed reported being hit by ransomware, while 80% of lower educational organizations surveyed were targeted—an increase from 64% and 56% in 2021, respectively.
Additionally, the sector reported one of the highest rates of ransom payment with more than half (56%) of higher educational organizations paying and nearly half (47%) of lower educational organizations paying the ransom. However, paying the ransom significantly increased recovery costs for both higher and lower educational organizations.
Recovery costs (excluding any ransoms paid) for higher educational organizations that paid the ransom were $1.31 million when paying the ransom versus $980,000 when using backups. For lower educational organizations, the average recovery costs were $2.18 million when paying the ransom versus $1.37 million when not paying.
Paying the ransom also lengthened recovery times for victims. For higher educational organizations, 79% of those that used backups recovered within a month, while only 63% of those that paid the ransom recovered within the same timeframe. For lower educational organizations, 63% of those that used backups recovered within a month versus just 59% of those that paid the ransom.
“While most schools are not cash-rich, they are very highly visible targets with immediate widespread impact in their communities. The pressure to keep the doors open and respond to calls from parents to ‘do something’ likely leads to pressure to solve the problem as quickly as possible.” said Chester Wisniewski, field CTO, of Sophos.
Sophos recommends the following best practices to help defend against ransomware and other cyberattacks:
- Strengthen defensive shields with:
- Security tools that defend against the most common attack vectors, including endpoint protection with strong anti-exploit capabilities to prevent exploitation of vulnerabilities, and Zero Trust Network Access (ZTNA) to thwart the abuse of compromised credentials
- Adaptive technologies that respond automatically to attacks, disrupting adversaries and buying defenders time to respond
- 24/7 threat detection, investigation and response, whether delivered in-house or by a specialist Managed Detection and Response (MDR) provider
- Optimize attack preparation, including making regular backups, practising recovering data from backups and maintaining an up-to-date incident response plan
- Maintain good security hygiene, including timely patching and regularly reviewing security tool configurations
To learn more about the State of Ransomware in Education 2023, download the full report from Sophos.com.