Educational institutions increasingly braced for cyber threats

Education sector suffers highest data encryption rate and longest recovery time, new research shows


Rohma Sadaqat

  • Follow us on
  • google-news
  • whatsapp
  • telegram

Top Stories


Published: Wed 13 Jul 2022, 7:04 PM

Last updated: Wed 13 Jul 2022, 10:44 PM

Educational institutions – both higher and lower education – are increasingly being hit with ransomware attacks, new research by Sophos has shown.

According to the State of Ransomware in Education 2022 report, 60 per cent of institutes reported suffering attacks in 2021, compared to 44 per cent in 2020. Educational institutions also faced the highest data encryption rate at 73 per cent, compared to other sectors at 65 per cent. They also reported the longest recovery time, with seven per cent saying that they take at least three months to recover – almost double the average time for other sectors.

“Schools are among those being hit the hardest by ransomware. They’re prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold,” said Chester Wisniewski, principal research scientist at Sophos. “Education institutions are less likely than others to detect in-progress attacks, which naturally leads to higher attack success and encryption rates.”

Considering that encrypted data is most likely confidential student records, the impact is far greater than what most industries would experience, Wisniewski explained. “Even if a portion of the data is restored, there is no guarantee what data the attackers will return, and, even then, the damage is already done, further burdening the victimized schools with high recovery costs and sometimes even bankruptcy. Unfortunately, these attacks are not going to stop, so the only way to get ahead is to prioritize building up anti-ransomware defenses to identify and mitigate attacks before encryption is possible.”

The report also showed that 97 per cent of higher education and 94 per cent of lower education institutes suffered attacks that impacted their ability to operate, while 96 per cent of higher education and 92 per cent of lower education respondents in the private sector further report business and revenue loss. Only two per cent of education institutions recovered all of their encrypted data after paying a ransom, which is down from the four per cent recorded in 2020.


On the other hand, schools were able to recover 62 per cent of encrypted data on average after paying ransoms – down from 68 per cent in 2020. Higher education institutions in particular report the longest ransomware recovery time, with 40 per cent saying it takes at least one month to recover, and nine per cent reporting that it takes three to six months.

The report also found that educational institutions report the highest rate of cyber insurance payout on ransomware claims. However, as a whole, the sector has one of the lowest rates of cyber insurance coverage against ransomware – 78 per cent compared to 83 per cent for other sectors.

"Four out of 10 schools say fewer insurance providers are offering them coverage, while 49 per cent report that the level of cybersecurity they need to qualify for coverage has gone up,” said Wisniewski. “Cyber insurance providers are becoming more selective when it comes to accepting customers, and education organizations need help to meet these higher standards. With limited budgets, schools should work closely with trusted security professionals to ensure that resources are being allocated toward the right solutions that will deliver the best security outcomes and also help meet insurance standards.”

More news from