All of your data is gone.
You receive a message telling you how much you need to pay to decrypt your data. You have no idea who you are dealing with.
With the onset of the COVID-19 pandemic, the healthcare and financial sectors have been hit hard by cyberattacks. The education sector has not been spared either.
The education sector is a tempting target for threat actors. Many state and local institutions find it difficult to invest in IT security, making them prone to ransomware attacks. Moreover, students often engage in risky online activities, exposing them to ransomware attacks.
What has happened
- 17 school districts and colleges were hit by ransomware attacks between January 1, 2020, and April 8, 2020.
- Wichita State University informed its students and staff of a security incident in March.
- On March 20, 2020, University of Utah Health notified its patients of phishing attacks that began in January.
- In May last year, the University of Corsica suffered a cyberattack that paralyzed a chunk of its servers.
- According to a security audit involving 400 British schools, 20% of them were hacked by their own students.
What the experts are saying
- “Attackers will capitalize on vulnerabilities in the outside perimeter, allowing for more effective and destructive phishing attacks”, stated Casey Ellis.
- According to the analysis by Verizon, the education sector is the only sector where malware spreads mostly through websites rather than emails.
- Ransomware has gained a foothold in the education vertical and is responsible for 80% of incidents related to malware.
- The education sector witnessed phishing attacks in 28% of breaches and hacking via stolen credentials in 23% of breaches.
In terms of tech infrastructure, the education sector is far behind the healthcare, financial, retail, government, and energy sectors. For instance, around two-thirds of school districts in the U.S. serve fewer than 2500 students and do not have staff dedicated solely to cybersecurity. Furthermore, the sector performs poorly when it comes to reporting phishing attacks, costing victims critical response time.