Connect with us

Hi, what are you looking for?

HEADLINES

Education sector hardest hit by ransomware in 2020

As the Philippines continues to be on lockdown, virtual classes are still the safest option so students can continue to learn. However, digital transformation comes with cybersecurity risks. 

Sophos, a global leader in next-generation cybersecurity, recently published the “Sophos State of Ransomware in Education 2021,”which looks at the extent and impact of ransomware attacks on educational institutions worldwide during 2020. 

As the Philippines continues to be on lockdown, virtual classes are still the safest option so students can continue to learn. However, digital transformation comes with cybersecurity risks. 

The research findings provide the vulnerability of educational institutions that they should be aware of, review, and act on. 

The main research findings include:

Advertisement. Scroll to continue reading.
  • Education, together with retail, faced the highest level of ransomware attacks during 2020, with 44% of organizations hit (compared to 37% across all industry sectors) 
  • For educational institutions, the financial impact of a ransomware attack in 2020 was crippling. The total bill for rectifying a ransomware attack in the education sector, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, and more, was, on average, US$2.73 million – the highest across all sectors surveyed, and 48% above the global average.
  • Over half (58%) of the education organizations hit by ransomware said the attackers had succeeded in encrypting their data. 
  • Over a third (35%) of those with encrypted data gave in to the attackers’ demands and paid the ransom. Only the energy, oil/gas, and utilities (43%) and local government (42%) sectors were more likely to pay.
  • The average ransom payment was US$112,435 (lower than the global average of US$170,404). However, those who paid recovered on average only around two-thirds (68%) of their data, leaving almost a third inaccessible, and just 11% got all their encrypted data back.
  • Of those institutions that were not hit with ransomware last year (55% of respondents), the majority (61%) expect to be targeted in the future. The main reasons for this are that cyberattacks are now so sophisticated (46%) and prevalent (42%) that they are almost impossible to stop.

“The education sector has long been an attractive target for cyber-attackers,” Chester Wisniewski, principal research scientist at Sophos, said. “The budgets for IT and cybersecurity can be very tight, with stretched IT teams battling to protect what is often outdated infrastructure using limited tools and resources, coupled with risky end-user behaviors, such as downloading pirated software. 

All this increases exposure to risk in any year, but in 2020 the pandemic happened, and education establishments had to switch, on short notice, to virtual learning environments, with very little time to think about security or provide basic cybersecurity training for all the new remote users. It significantly increased the sector’s vulnerability, and adversaries were quick to seize the opportunity, leaving victims with the substantial financial impact of rebuilding IT infrastructure from scratch.

To secure the network against ransomware, we advise IT teams to focus resources on three critical areas: building more robust defenses against cyberthreats, introducing security skills training for users, and, where possible, investing in more resilient infrastructure.” 

The Sophos State of Ransomware in Education 2021 survey polled 5,400 IT decision-makers, including 499 education IT managers, in 30 countries across Europe, the Americas, Asia-Pacific, Central Asia, the Middle East, and Africa.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

APPS

Today, the App Store stands at the forefront of app distribution, setting the standard for security, reliability, and user experience.

HEADLINES

Kaspersky has detected and blocked over 13 million web threats from its security solutions for businesses in Southeast Asia (SEA). Historical data from the...

HEADLINES

Kaspersky has been at the forefront of raising awareness about cybercrimes and empowering individuals and organizations to protect themselves.

HEADLINES

“We remind our customers to carefully inspect URLs before opening them. Criminals often use spellings very close to legitimate domains to deceive customers into...

HEADLINES

For the Philippines, PH-CERT and NADPOP estimate that the country needs 180,000 trained and validated cybersecurity professionals to proactively and effectively protect the country’s...

White Papers

46% of geo-distributed companies encountered network problems between one and three times per month, while 13% stated they experienced network challenges every week. The...

HEADLINES

“Data is the new oil. Cyber criminals steal personal information to defraud you or use your identity to victimize people close to you. Guard...

White Papers

According to the report, among organizations surveyed, 97% of those hit by ransomware over the past year engaged with law enforcement and/or official government...

Advertisement