Countering the Education Sector’s Ransomware Problem

A recent survey of universities in the United Kingdom has revealed surprising statistics concerning the rate of ransomware attacks that target the education sector. According to the report, 63% of the surveyed UK universities were victims of ransomware infections, with 58% attacked within the past year alone.

Not only were universities a common target, but most of them were hit by ransomware multiple times. Bournemouth University was attacked almost twice a month for an entire year—21 infections in the span of 12 months.

The education sector may not seem like a lucrative target for ransomware operators, but Personally Identifiable Information (PII) and financial data of students and staff, proprietary scientific research, academic credentials, and other unique material stored in universities are quite valuable.         

In 2015, Trend Micro analyzed a full decade of data breach research and found that stolen data from universities have been in demand for some time. The collected data revealed that the education sector was the second most targeted industry, accounting for 16.8% of data breaches recorded during this period—only the healthcare sector suffered more breaches. Current news reports suggest that this trend still applies, with ransomware being the preferred method of profiting from the data stored by universities.   

Ransomware protection is an immediate concern, considering the rate of attacks on the education sector and the growth of ransomware in general. Most ransomware is delivered through spam email or downloaded through URLs hosting ransomware files, which leaves universities particularly vulnerable because they see a high volume of internet traffic—from connected students carrying multiple devices, professors who use email to communicate with their students, and administrative staff who access multiple sites daily. Because of this, implementing security practices can help stop ransomware from entering their networks. In the cases of universities who successfully avoided ransomware, being proactive with their defense against ransomware was essential.

There are specific steps the industry can take to stay safe from cyber attacks. Here are a few prevention suggestions for organizations in the education sector, to help improve their security strategy:

  • Apply tight access controls and install two-factor authentication (2FA) to strengthen login security
  • Institutionalize a policy of ‘least privilege’, meaning every system user should have the minimum set of privileges necessary to complete their task. The number of privileged accounts should also be limited.  
  • Implement wireless access controls to secure wireless LAN access.
  • Regularly update systems to minimize exposure to software vulnerabilities.
  • Assess vulnerabilities before they become a problem. Conduct thorough penetration testing to test system defenses.
  • Make cyber security education and awareness a priority for students, teachers, and staff.
  • Install a layered and comprehensive security solution to protect systems from ransomware. Thoroughly defend your gateway, endpoints, networks, devices, and servers.

Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.