Ransomware is devastating as a cyberthreat, but some industries are hurt by it more than others. One such industry is education, and universities and schools are struggling to keep up with these cyberthreats. Most even do the unthinkable in response to attacks: they pay the ransom.
Sophos reports that cybercriminals are increasingly going after the networks of universities and schools with their ransomware, seeing these targets as extremely profitable victims. If you think about it, it makes sense, as institutions of education tend to store immense amounts of personal data that could be valuable to hackers who might want to sell it on the black market. According to Chester Wisniewski, principal research scientist at Sophos, “Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold.”
The average ransom paid by schools suffering from a ransomware attack is $1.97 million, an absolutely astounding number. The average victim from the higher education industry, however, pays on average $905,000. One can see how these types of attacks would be tempting to pull off for ransomware hackers.
The large reason behind why schools and universities are paying up in response to these ransomware attacks is because these organizations cannot function without access to their data. With school records and networks being encrypted, many of the functions involved with their operations cannot occur. For example, many schools have intranets set up where resources and services can be accessed, and if networks are locked down by ransomware, they cannot be accessed, making things like attending class or accessing services impossible.
Sophos indicates that only 61 percent of the data stolen from schools and universities is recovered after paying the ransom; so, in addition to paying the ransom, cybersecurity professionals need to spend even more time and resources recovering the rest of the data.
These kinds of ransomware attacks cannot be taken lightly. Schools and universities are not exclusively vulnerable to ransomware. All organizations, including your business, can potentially become victims of ransomware attacks.
The best way to keep ransomware from affecting your business is to take a two-pronged approach. Implementing preventative measures and training your staff can go a long way on its own, but we also recommend proactively monitoring your infrastructure for potential vulnerabilities and threats. As long as you keep tabs on what is going on with your network, you won’t have anything to fear—especially if you work with a security provider like RedRock Information Security.
RedRock Information Security can help your business prepare for ransomware attacks through a combination of preventative measures and proactive monitoring. With the right technology solutions on your side, you’ll have all the protections in place to ensure that there is minimal chance of ransomware affecting your operations. To learn more, reach out to us at (616) 534-1500.
RedRock offers a full range of compliance-focused IT services including help desk, server and network management, perimeter and endpoint security, and associated hardware and software. What makes us unique is how we bake security into everything we do. We are regulated by the FDIC, NCUA, and DIFS. We undergo regular exams and audits by 3rd party assessors. This oversight offers our customers the peace of mind that multiple entities look at our products, policies, procedures, financials, etc.