80% of education providers hit with ransomware last year, Biden administration responds

Edward G. | September 19, 2023

As the 2023 academic year kicks off, schools across the globe are facing an escalating cybersecurity crisis, the Atlas VPN team reports. 

Data shows the education sector is the industry most targeted by cybercriminals, who are primarily motivated by the high percentage of schools choosing to pay the ransom.

A recent Sophos survey of 3,000 IT and cybersecurity leaders across 14 countries, including 400 from the education sector, reveals that 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year. 

Construction (71%), the federal government (70%), and media & entertainment (70%) are also within the top five most targeted industries by ransomware attacks, but at a notably lower rate than educational establishments.

The vulnerability landscape

The survey identifies compromised credentials and exploited vulnerabilities as the top root causes of ransomware attacks in education. 

In lower education, 36% of attacks originated from compromised credentials, while in higher education, 40% were due to exploited vulnerabilities. 

These figures indicate a need for robust cybersecurity measures and employee training in educational institutions.

Financial and operational costs

While the immediate financial cost of a ransomware attack is evident, the recovery from the attack also includes the cost of system downtime, loss of productivity, and reputational damage. 

In lower education, the recovery costs have remained steady at around $1.59 million in 2023 and 2022. 

Recovery costs in higher education have decreased significantly from the $1.42 million reported last year to just over $1 million in 2023.

Interestingly, the type of insurance the education providers have plays a significant role in whether or not they decide to pay cybercriminals to retrieve their data.

Around 56% of those in lower education and 66% in higher education who had standalone cyber insurance policies paid the ransom. 

In contrast, those with broader insurance policies covering cybercrime paid ransom at a rate of 43% (lower education) and 44% (higher education).

This raises questions about the role insurance companies play in perpetuating the ransomware crisis.

Governmental interventions

Meanwhile, on August 7, 2023, the Biden-Harris Administration released a statement outlining new efforts to strengthen America's K-12 schools' cybersecurity.

The new initiatives aim to provide up to $200 million over three years to bolster cyber defenses in K-12 schools. 

A Government Coordinating Council will also be established to facilitate communication between federal, state, local, tribal, and territorial education leaders to enhance US schools' cyber defenses and resilience.

Final remarks

Education providers lack the funds that large corporations have to invest in robust cybersecurity measures and even staff training, leading to many loopholes sophisticated hacker groups can exploit.

The Biden-Harris Administration's initiative is a prime example of how a government should take responsibility for strengthening the cybersecurity of its country's schools.

As schools reopen, cybersecurity needs to be at the top of the agenda for educational leaders and governments worldwide.

Edward G.

Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.

Tags: cybercrime, education, ransomware

© 2023 Atlas VPN. All rights reserved.