A recent survey report revealed the highest rate of ransomware attacks in the educational sector in 2022. The study underlined over the past year, 79 per cent of the higher educational organisations were hit by ransomware, while 80 per cent of lower educational organisations were targeted.
The State of Ransomware in Education 2023 report observed an increase in attacks which was 64 per cent in higher educational firms and 56 per cent in the lower ones from the year 2021.
Additionally, the sector reported one of the highest rates of ransom payment with more than half (56 per cent) of higher educational organisations paying and nearly half (47 per cent) of lower educational organisations paying the ransom. However, paying the ransom significantly increased recovery costs for both higher and lower educational organisations.
It said the recovery costs (excluding any ransoms paid) for higher educational organisations that paid the ransom were USD 1.31 million when paying the ransom versus USD 980,000 when using backups. For lower educational organisations, the average recovery costs were USD 2.18 million when paying the ransom versus USD 1.37 million when not paying.
Paying the ransom also lengthened recovery times for victims. For higher educational organisations, 79 per cent of those that used backups recovered within a month, while only 63 per cent of those that paid the ransom recovered within the same timeframe. For lower educational organisations, 63 per cent of those that used backups recovered within a month versus just 59 per cent of those that paid the ransom, the report stated.
Chester Wisniewski, field CTO, Sophos said, “While most schools are not cash-rich, they are very highly visible targets with immediate widespread impact in their communities. The pressure to keep the doors open and respond to calls from parents to ‘do something’ likely leads to pressure to solve the problem as quickly as possible without regard for cost. Unfortunately, the data doesn’t support that paying ransoms resolves these attacks more quickly, but it is likely a factor in victim selection for the criminals.”
Sophos is a global innovator of advanced cybersecurity solutions, including Managed Detection and Response (MDR) and incident response services and network, email and cloud security technologies that help organisations defeat cyberattacks.