As the 2023 academic year kicks off, schools across the globe are facing an escalating cybersecurity crisis, the Atlas VPN team reports.
Data shows the education sector is the most targeted industry by cybercriminals, primarily motivated by the high percentage of schools choosing to pay the ransom.
A recent Sophos survey of 3,000 IT and cybersecurity leaders across 14 countries, including 400 from the education sector, conducted in January-March 2023, reveals that 80% of lower education providers and 79% of higher education institutions reported ransomware attacks in the last year.
Construction (71%), the federal government (70%) and media & entertainment (70%) are also within the top five most targeted industries by ransomware attacks, but at a notably lower rate than educational establishments.
The survey identifies compromised credentials and exploited vulnerabilities as the top root causes of ransomware attacks in education.
In lower education, 36% of attacks originated from compromised credentials, while in higher education, 40% were due to exploited vulnerabilities.
These figures indicate a need for robust cybersecurity measures and employee training in educational institutions.
The mean cost to recover from ransomware attacks across all sectors is estimated at US$1.82 million, an increase from the US$1.4 million in 2022.
In lower education, the recovery costs have remained steady at around US$1.59 million in 2023 and 2022.
Recovery costs in higher education have decreased significantly from the US$1.42 million reported last year to just over US$1 million in 2023.
Meanwhile, On August 7, 2023, the Biden-Harris Administration released a statement outlining new efforts to strengthen America’s K-12 schools’ cybersecurity. The new initiatives aim to provide up to US$200 million over three years to bolster cyber defences in K-12 schools.Click below to share this article