Ransomware Attacks on Schools Increased in Q1 2023
Ransomware attacks on schools and other public institutions rose sharply in the past six months, according to a Virginia-based cybersecurity company that monitors worldwide activity on a quarterly basis.
GuidePoint Security, in its Q1 2023 Ransomware Report released in April, indicated a 27 percent increase in public ransomware victims — mainly in education, manufacturing, technology, health care, banking and finance industries — compared to the first quarter of 2022. It also noted a 25 percent rise from the last quarter of 2022. The report is based on public information.
The analysis indicated that “double extortion,” where the criminal operators encrypt files while also exfiltrating data, was a common tactic. In these instances, the ransomware groups retrieve data and then threaten to leak it to the public. The report identified two criminal groups, ALPHV and Medusa, as using this approach to extort institutions.
“Based on what we’ve observed during Q1 (849 total attacks worldwide), we assess that more advanced ransomware threat actors will increasingly deploy novel coercive techniques, particularly as the fallout of existing instances generates media coverage and civil lawsuits against affected organizations,” Drew Schmitt, a lead analyst for GuidePoint Research and Intelligence team (GRIT), said in a news release. “We can make this assessment based on the increased prevalence of these techniques in open source reporting and internal research, as well as our technical and professional understanding of business risk as it pertains to ransomware events.”
The analysis measured activity worldwide, though the United States reported the highest number of attacks, at 46 percent, followed by the United Kingdom, Germany, Canada and France.
The education industry, specifically, saw a 17 percent increase from Q4 2022 to the first quarter of this year. This sector is unique in that while classes are not in session year-round, administrative offices are often staffed 12 months a year. Because of this “year-round victimization,” the report said, students are not always the “weak link” for intrusions….
