The Education Sector Reports the Highest Rate Of Ransomware Attacks: Survey As per the report, over the past year, 79% of higher educational organizations surveyed reported being hit by ransomware, while 80% of lower educational organizations surveyed were targeted—an increase from 64% and 56% in 2021, respectively

The cybersecurity services platform Sophos, released a new survey report titled 'The State of Ransomware in Education 2023', has found that the education sector reported the highest rate of ransomware attacks in 2022. Over the past year, 79% of higher educational organizations surveyed reported being hit by ransomware, while 80% of lower educational organizations surveyed were targeted—an increase from 64% and 56% in 2021, respectively.

As per the report, this shows a significant surge from the previous year, with rates more than doubling since 2021, when only 44% of education providers face such attacks.

Additionally, the sector reported one of the highest rates of ransom payment with more than half (56%) of higher educational organizations paying and nearly half (47%) of lower educational organizations paying the ransom, said the report

However, paying the ransom significantly increased recovery costs for both higher and lower educational organizations. Recovery costs (excluding any ransoms paid) for higher educational organizations that paid the ransom were $1.31 million when paying the ransom versus $980,000 when using backups. For lower educational organizations, the average recovery costs were $2.18 million when paying the ransom versus $1.37 million when not paying, revealed the report.

Another primary concern resulting from ransom payments was the extension of recovery times. The report indicates that for higher educational organizations, 79% of those relying on backups recovered within a month, whereas only 63% of those who paid the ransom achieved the same timeframe for recovery. Similarly, lower educational institutions experienced slower recovery times, with 63% of those using backups recovering within a month, compared to 59% of those who paid the ransom.

"While most schools are not cash-rich, they are very highly visible targets with immediate widespread impact in their communities. The pressure to keep the doors open and respond to calls from parents to 'do something' likely leads to pressure to solve the problem as quickly as possible without regard for cost. Unfortunately, the data doesn't support that paying ransoms resolves these attacks more quickly, but it is likely a factor in victim selection for the criminals," said Chester Wisniewski, field CTO, Sophos.

The survey also explored the root causes of ransomware attacks in education. Across all educational organizations, there was a significantly higher number of seizures resulting from compromised credentials (37% for higher education and 36% for lower education) compared to the cross-sector average of 29%. This highlights the urgent need for more robust authentication measures to prevent unauthorized access.

The State of Ransomware 2023 survey polled 3,000 IT/cybersecurity leaders in organizations with between 100 and 5,000 employees, including 400 from the education sector, across 14 countries in the Americas, EMEA and Asia Pacific. This includes 200 from lower education (up to 18 years) and 200 from higher education (above 18 years) and both public and private sector education providers, said the company in the official release.