15 julio, 202215 julio, 2022
After Health was one of the sectors hardest hit by the threat of ransomwareNow it is the turn of Education. This is revealed by a recent study of the security company Sophoswhich points out that in 2021 this type of attack skyrocketed,affecting 56% in primary and secondary school and 64% in collegecompared to 44% in 2020. However, the report specifies that the rate of attacks is below the intersectoral average, although it is true that it is one of the most vulnerable.
The educational sector has seen an increase in attacks for a simple reason: is one of those that pays least attention to its computer security, which not only makes them suitable victims for cybercriminals, but also, once attacked, they are not even able to detect it. It is not the case of ransomwarepractice with which systems are ‘kidnapped’ by encrypting them, releasing them only after payment of a sum of money.
Despite the fact that the recommendations of the experts point out that paying the ransom is always a bad idea, this is what practically half of the educational organizations did (45% in primary and secondary schools and 50% in university), in line with the general average, which is around 46%. Despite this payment, only 2% of those who paid it recovered all their datawhich comes to support the approach of not giving in to extortion.
In fact, In the case of primary education, the recovery rate after payment only moved by 62%, compared to 61% for university education. As it was, the education sector spent around three million dollars in ransom payments from ransomware. In addition to the low data recovery rate despite payment, the time it takes an organization to recover from these attacks, with 40% of universities needing more than a month to do so or about 10% of those surveyed admitting that it may take three to six months to return to normal activity.
In this new wave of attacks, the educational sector is opting for contracting cyber insurance, although in a lower percentage than the global one, with 78% compared to 83%. Beyond the benefits that this support can have in the event of an attack, one of the most positive aspects of this contract is that it works as an incentive to reinforce the defenses and, in this way, lower the premium. In this way, 95% in primary and secondary school and 96% in university reinforced their defenses so that their cyber insurance would not be so expensive. This is very good news considering the low levels of data encryption distilled by this sector (74% in primary school and 72% in university).
–
