A Majority of Higher Ed Institutions Were Hit by Ransomware Attacks

IBL News | New York

A 64% of higher education organizations were hit by ransomware in 2021, in a jump of 44% from the previous year, according to a report from Sophos, a global cybersecurity leading firm.

For issuing this report report, titled “the State of Ransomware in Education 2022”, the company surveyed 5,600 IT professionals in 31 countries, including 730 respondents from the education sector during January and February 2022.

Sophos concluded that “the education sector is poorly prepared to defend against a ransomware attack, and likely lacks the layered defenses needed to prevent encryption if an adversary does succeed in penetrating the organization.”

The increased numbers of successful ransomware attacks are part of a broader threat environment that has affected organizations across all sectors.

Around 50% of educational organizations reported that they paid the ransom to restore data, compared with the global average of 46%.

While paying the ransom almost always gets you some data back, the percentage of data restored after paying has dropped over the last year. On average, in 2021 lower education organizations that paid the ransom got back 62% of their encrypted data and higher education organizations got back 61% of their encrypted data. This is in line with the global average of 61%.

“The key takeaway here is that paying the ransom will only restore a part of your encrypted data and you cannot count on the ransom payment to get you all your data back,” said Sophos.