Alarming rise in ransomware attacks on education: Sophos

/in


Leading cybersecurity firm Sophos has shed light on the alarming increase in ransomware attacks targeting the education sector.
Sophos report on recovery cost in educationThe report titled The State of Ransomware in Education 2023, based on a survey of 400 IT / cybersecurity professionals across 14 countries, unveils the real-world experiences of educational institutions in the face of cyber threats.

Spike in Attacks and Data Encryption

The survey findings revealed a stark rise in ransomware attacks on educational institutions. The education sector reported the highest rates of ransomware attacks among all industries surveyed. An alarming 80 percent of lower education providers and 79 percent of higher education providers reported falling victim to ransomware attacks in 2023. This represents a significant surge from the previous year, with rates more than doubling since 2021, when only 44 percent of education providers faced such attacks.

Additionally, data encryption in the education sector has seen a steady increase. Lower education providers reported an 81 percent rate of data encryption, while higher education institutions reported a rate of 73 percent, remaining consistent with the previous year.

“Double Dip” Method and Data Recovery

One worrying trend is the increasing prevalence of the “double dip” method, where cybercriminals not only encrypt the data but also steal it for potential data exfiltration. Of the lower education organizations that experienced data encryption, 27 percent reported that their data was also stolen. In higher education, this figure rose to 35 percent, indicating a growing adoption of this malicious tactic.
Sophos report on ransomware in education sector 2023The ability to recover encrypted data is crucial for organizations facing ransomware attacks. Fortunately, all higher education institutions and 99 percent of lower education organizations were successful in recovering their data. Notably, the recovery rate for the education sector surpasses the cross-sector average, indicating a degree of resilience in the face of such threats.

Root Causes of Attacks

The report also identified the root causes behind the ransomware attacks. For lower education, compromised credentials (36 percent) and exploited…

Source…