Ransomware Attacks on Education Are Skyrocketing: What Schools Can Do to Fight Back

JULY 20TH, 2022

There are headlines about ransomware attacks on educational institutions in the media every day. And the impacts can be incredibly painful. Lincoln College—founded in 1865—attributed its recent closure to a ransomware attack that took down all of its systems combined with the impacts of the pandemic. And last month Tenafly High School had to cancel final exams because ransomware crippled the district’s computer systems.

This anecdotal evidence—that the education sector is being targeted more often—rings true after reviewing Arcserve partner Sophos’s The State of Ransomware in Education 2022 report.

The Sophos survey of 499 IT professionals found that 56 percent of lower education organizations and 64 percent of higher education respondents were hit by ransomware last year. That’s a big jump from last year’s survey, which found that an average of 44 percent of education respondents were hit. Regarding impacts, the numbers look even worse, finding that education has the highest ransomware data encryption rate of all industry sectors Sophos surveyed.

Ransomware’s Impacts on Education

The Sophos survey found that almost all lower and higher education organizations whose data was encrypted by ransomware got their data back. But that isn’t necessarily good news because the survey also found that those who paid the ransom only got back 61 percent of their data. That leaves a lot of lost data. Only 4 percent got all their data back.

Even worse, the survey found that the overall cost to remediate a ransomware attack was $1.58 million in lower education and $1.42 million in higher education. That’s a high penalty to pay at a time when schools need every penny to try to meet student needs.

Cyber Insurance Is Driving Cyber Defenses

Education lags other industry sectors in securing cyber insurance coverage for ransomware, with 78 percent of the Sophos survey respondents saying they have coverage compared to 83 percent for all sectors. But the process for securing coverage has changed over the last year for 90 percent of respondents. Here’s what they experienced:

  • Fewer cyber insurance providers offering coverage
  • Increased cybersecurity requirements to qualify for coverage
  • More complex insurance policies
  • Longer application processes
  • Higher costs

These challenges push educational organizations to strengthen their cyber defenses just to secure coverage. Here’s the good news: Education has high cyber insurance payout rates, averaging a 99 percent and 100 percent payout rate for some costs for lower education and higher education, respectively.

But “some costs” means some financial burdens are still born by the organization. Regarding clean-up costs, insurance payouts average just 68 percent for lower education. The number is quite a bit higher for higher education at 87 percent. But paying the ransom generally falls to schools, with 53 percent of lower education respondents saying they received a ransomware insurance payout and just 36 percent of higher education receiving a payout.

Data Protection and Immutable Storage: Your Best Defense Against Ransomware’s Impacts

While you can’t stop every cyberattack—and odds are you’ll fall victim to ransomware—you can ensure your education organization’s data is always protected and can always be restored. That starts by implementing a 3-2-1-1 backup strategy: Keep three copies of your data (one primary and two backups) with two copies stored locally on two formats (network-attached storage, tape, or local drive) and one copy stored offsite in the cloud or secure storage. The last “1” in 3-2-1-1 is the number that really matters. It stands for immutable storage, where your backed-up data is converted to a write-once, read-many-times format that can’t be altered or deleted.

An effective data protection solution should make managing your backups and restoring your data easy. Arcserve UDP unifies data protection and prevents cyberattacks while also orchestrating recovery. Safeguarded by Sophos Intercept X Advanced cybersecurity, Arcserve UDP uniquely combines deep-learning server protection, immutable storage, and scalable onsite and offsite business continuity for complete IT resiliency for your virtual, physical, and cloud infrastructures.

To learn how Arcserve products can help your educational organization fight back against ransomware, talk to an expert Arcserve technology partner. To see how Arcserve products perform for yourself, check out our demos on demand.