Ransomware is never a good thing, but for some, it can be worse than it is for others. Take educational institutions, for instance—they’ve become a favorite target for cybercriminals to take advantage of, unfortunately successfully. Many resort to paying up, something that we’d never recommend.
According to Sophos, the potential profits that a cybercriminal could see by victimizing a school have motivated more and more of them to take this route. It makes sense, really… educational institutions and universities need to collect and store a ton of personal data that could make an enterprising hacker a pretty chunk of crypto-change if they sold it on the black market.
As Sophos’ principal research scientist Chester Wisniewski put it, “Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold.”
These schools are also a veritable goldmine for attackers, with the average ransom paid costing victimized schools a sickening $1.97 million. On average, a ransomware victim in higher education pays about $905,000.
Taking these statistics into consideration, it’s little wonder that those who use ransomware often target educational institutions.
The primary reason many schools and universities have shelled out the demanded ransom payments is simply due to how reliant they are on their data. If a school’s network and all its records are suddenly encrypted, a large portion of their operations will suddenly be impossible to complete. For instance, if a school relies on an intranet to deliver resources and services, ransomware could easily disable these functions and prevent students from attending class or accessing what they need.
That being said, paying the ransom is still a bad idea.
According to Sophos, only 61 percent of data an educational institution has encrypted is actually recovered if payment is transferred to the attacker. This makes it so that a cybersecurity professional will need to commit even more time and energy attempting to recover whatever data they can.
While ransomware is a serious issue for educational institutions for certain, there is no industry or organization that is immune to its influence. This means it is important that you take the risk of ransomware very, very seriously.
So, how does one help protect their business from ransomware and its influence? Doing so effectively will require a dual approach. You need to both secure your infrastructure with preventative measures and rigorous staff training, as well as proactively monitor your IT to ensure you catch incoming threats and other issues. SCW can assist you in doing so, allowing you to take a breath and focus on other aspects of your business,
Count on us to help prepare you for ransomware and other threats through the aforementioned preventative measures and monitoring. We’ll ensure that you have the technology and protections in place to prevent ransomware from impacting your business’ productivity. Find out more by reaching out at (509) 534-1530.
About the author
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote is first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.
Mobile? Grab this Article!