Ransomware Continues to Target Educational Institutions
School may be out for the summer, but ransomware attacks continue to hit educational institutions well into 2022. As in years past, K-12 school districts, colleges and universities continue to fall victim to ransomware, facing disruption to day-to-day business operations, cancelled classes, potential exposure of student data and the hefty costs that go with them.
Last year, 62 school districts and 26 colleges and universities were impacted by ransomware – affecting 1,042 schools overall. According to one study by Comparitech, ransomware attacks cost US schools and colleges more than $3.5 billion in downtime in 2021. Regardless of whether schools choose to pay a ransom, which can range anywhere from $100,000 to as high as $40 million, schools will, without a doubt, face steep costs associated with recovery efforts – all the way from software upgrades to employee overtime.
In both 2020 and 2021, the FBI along with the Cybersecurity and Infrastructure Security Agency (CISA) issued warnings of increased cyberattacks targeting educational organizations. While the FBI and CISA do not recommend paying ransoms, schools understandably find themselves with no option other than to pay when payment is the quickest way for classes to resume and daily operations to return to normal, not to mention the only option for schools that do not have viable backups in place. Unlike organizations that have an army of security professionals on payroll, schools typically have underfunded IT departments, making them an easier target for cybercriminals not only on the security front but on the recovery end as well, which can be a long uphill battle.
Earlier this year, Lincoln College, a private university in Illinois, shuttered its doors as a result of both the coronavirus pandemic and a December ransomware attack. The 157-year-old college notes on its website that, despite being fully restored by March 2022, the ransomware attack “thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections.”
Now is the time for schools to prepare for the very likely possibility of a ransomware attack. The Technology Directorate at Federal Student Aid (FSA) recently developed two fact sheets to help schools facing ransomware threats and related school closures. The fact sheets offer best practices such as implementing multifactor authentication (MFA) and establishing an Incident Response Plan, as well as guidance on data sanitization and decommissioning hardware in the event a school needs to shut down.
While schools may be considered an “easy target” for now, the Department of Education and the Department of Homeland Security are being urged to do more to protect K-12 schools from the growing threat of ransomware attacks. Until then, it is up to the school districts and higher educational institutions to do what they can with what they have: safeguard their systems, bolster their incident response plans and be prepared for a cyberattack.