Education institutions – both schools and colleges – are increasingly being hit with ransomware, with 60 per cent suffering attacks in 2021 compared to 44 per cent in 2020, claims Sophos, a cybersecurity platform’s new sectoral survey report.
The finding of the survey called, the State of Ransomware in Education 2022, states that Education institutions faced the highest data encryption rate (73 per cent) compared to other sectors (65 per cent), and the longest recovery time, with 7 per cent taking at least three months to recover – almost double the average time for other sectors (4 per cent).
Additional findings from the survey claim that education institutions report the highest propensity to experience operational and commercial impacts from ransomware attacks compared to other sectors. It says that around 97 per cent of higher education and 94 per cent of lower education respondents say attacks impacted their ability to operate, while 96 per cent of higher education and 92 per cent of lower education respondents in the private sector further report business and revenue loss.
In video | Malware Strike on Oil India
Another finding says that only 2 per cent of education institutions recovered all of their encrypted data after paying a ransom (down from 4 per cent in 2020); schools, on average, were able to recover 62 per cent of encrypted data after paying ransoms (down from 68 per cent in 2020).
Further, the survey added that higher education institutions in particular report the longest ransomware recovery time. “While 40 per cent say it takes at least one month to recover (20 per cent for other sectors), 9 per cent report it takes three to six months," added the survey.
“Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold," said Chester Wisniewski, principal research scientist at Sophos.
Chester Wisniewski added, “Unfortunately, these attacks are not going to stop, so the only way to get ahead is to prioritize building up anti-ransomware defenses to identify and mitigate attacks before encryption is possible."
In the light of the survey findings, Sophos experts recommend the following best practices for all organizations across all sectors. They urged the educational institutions to install and maintain high-quality defenses across all points in the environment. Review security controls regularly and make sure they continue to meet the organization’s needs. It further said, “Proactively hunt for threats to identify and stop adversaries before they can execute attacks – if the team lacks the time or skills to do this in-house, outsource to a Managed Detection and Response (MDR) team." Additionally, harden the IT environment by searching for and closing key security gaps and make backups, added the suggestions.
Read all the Latest News, Breaking News, watch Top Videos and Live TV here.
Comments
0 comment