Education hit hardest by cyber attacks in 2020
A new report has confirmed that the education sector is particularly vulnerable to ransomware attacks.
The Sophos State of Ransomware in Education 2021 report examined the extent and impact of these attacks on educational institutions worldwide during 2020.
Following on from recent attacks on the NSW Department of Education and on Kaseya — which hit schools in New Zealand — the research findings confirm the particular vulnerability of educational institutions to this relentless cyber threat.
The main research findings include:
- Education, together with retail, faced the highest level of ransomware attacks during 2020, with 44% of organisations hit (compared to 37% across all industry sectors).
- For educational institutions, the financial impact of a ransomware attack in 2020 was crippling. The total bill for rectifying a ransomware attack in the education sector, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid and more, was on average AU$3.64 million — the highest across all sectors surveyed, and 48% above the global average.
- Over half (58%) of the education organisations hit by ransomware said the attackers had succeeded in encrypting their data.
- Over one-third (35%) of those with encrypted data gave in to the attackers’ demands and paid the ransom. Only the energy, oil/gas and utilities (43%), and local government (42%) sectors were more likely to pay.
- The average ransom payment was AU$150,080 (lower than the global average of AU$227,459).
- However, those who paid recovered on average only around two-thirds (68%) of their data, leaving almost a third inaccessible, and just 11% got all their encrypted data back.
- Of those institutions that were not hit with ransomware last year (55% of respondents), the majority (61%) expect to be targeted in the future. The main reasons given for this are that cyber attacks are now so sophisticated (46%) and prevalent (42%) that they are almost impossible to stop.
“The education sector has long been an attractive target for cyber attackers,” said Chester Wisniewski, Principal Research Scientist at Sophos.
“The budgets for IT and cybersecurity can be very tight, with stretched IT teams battling to protect what is often outdated infrastructure using limited tools and resources, coupled with risky end-user behaviours, such as downloading pirated software.
“All this increases exposure to risk in any year, but in 2020 the pandemic happened and education establishments had to switch, with short notice, to virtual learning environments, with very little time to think about security or provide basic cybersecurity training for all the newly remote users. This significantly increased the sector’s vulnerability and adversaries were quick to seize the opportunity, leaving victims with the huge financial impact of having to rebuild IT infrastructure from scratch.
“To secure the network against ransomware, we advise IT teams to focus resources on three critical areas: building stronger defences against cyber threats, introducing security skills training for users and, where possible, investing in more resilient infrastructure.”
The Sophos State of Ransomware in Education 2021 survey polled 5400 IT decision-makers, including 499 education IT managers, in 30 countries across Europe, the Americas, Asia–Pacific and Central Asia, the Middle East and Africa.
The full Sophos State of Ransomware in Education 2021 paper is available here.