Education is the industry most likely to be hit by ransomware attacks, according to a new report from security ratings provider BitSight. The report analyzed the cybersecurity performance of nearly 20,000 companies across government, healthcare, finance, retail, education, and energy/utilities.
“Ransomware is a legitimate threat, with estimates from the U.S. Justice Department showing that over 4,000 of these attacks have occurred every day since the beginning of 2016,” said Stephen Boyer, co-founder and CTO of BitSight, in a press release. “While several ransomware attacks on healthcare companies have made headlines this year, the issue is more widespread.”
According to the report, ransomware attacks have grown tremendously over the past year—doubling or tripling in some cases. This is due, in part, to the number of different sophisticated strains of the malware now available to cybercriminals, including the Nymaim Trojan and Locky.
Between July 2015 and July 2016, the average security rating in the education industry fell by almost 15%. Each other industry remained relatively steady, the report found.
K-12 schools and universities do tend to have smaller IT teams and budgets, the report stated. Combined with the high rate of activities like file sharing, this leads to trouble. A BitSight report released earlier this year found that about 58% of academic institutions allowed file sharing on their networks.
Going after academic institutions that are often in the news for their budgetary problems seems counterintuitive. However, since schools hold a plethora of student and staff data, including social security numbers, medical records, financial information, and research, they hold interest for cybercriminals, the report stated. And schools may be more likely to pay for the information to avoid HIPAA concerns and other regulatory violations.
In June, the University of Calgary paid a $20,000 CDN ransom after an attack encrypted its email system. “The expertise of our IT department allowed the university to isolate the effects of the attack and make significant progress towards restoration of the affected portions of our systems,” said Linda Dalgetty, the university’s vice-president of finance and services, in a press release. There was no indication that any personal or other university data was released to the public, she added.
Between 2005 and 2013, 551 data breaches occurred at US universities, according to a 2014 study from Educause. Symantec’s 2016 Internet Security Threat Report ranked education third overall among the top 10 most-breached sectors, after health and business. Some five million identities in the education sector were exposed due to these attacks, the report found.