The Sophos State of Ransomware in Education 2024 report found that ransomware attacks on educational institutions decreased in 2024. Ransomware affects education quality: the majority (64%) of education IT workers report that ransomware impacts education quality. Education institutions should take precautions to secure their backups, such as by using air-gapped backups as well as immutable backups that cannot be erased. Sophos found that costs for lower education institutions whose backups were compromised were five times higher than for those that had a backup to revert to.
Students are impacted by ransomware attacks on the education sector. Lower education saw a decrease in attacks from 80% in 2023 to 63% in 2024. A recent study found that 44% devote only 10% of their IT budget to cybersecurity, and the majority of schools (78%) do not employ cybersecurity specialists. Schools should continue to focus on reducing vulnerabilities.
Recovery costs for ransomware attacks in education have more than doubled, and Sophos found the increase even greater in higher education: more than four times higher from 2023 to 2024 ($1.06 million to $4.02 million). However, the attack rates for both are still higher than the global cross-sector average of 59%.
Ransom demands in education have increased. The Sophos report found that paying the ransom has increased in both higher and lower education. Additionally, education sector ransoms tend to be higher as cyber criminals use double extortion.
Ways to reduce recovery costs and ransomware risk include installing antivirus software, educating users on cybersecurity practices, using filtering software to reduce the chance of students or employees becoming victims of phishing, and enabling multi-factor authentication (MFA). Educational institutions should take extra steps to ensure that each user who logs in is who they claim to be, to avoid unauthorised access.
Recovery from ransomware attacks is prolonged because schools do not contain the ransomware quickly enough. It is recommended to create an incident response plan that covers planning, detection, recovery and post-incident actions.
Despite the decrease in attacks, educational organizations must pay attention to the rising recovery costs. Schools should continue to reduce their vulnerabilities and the recovery costs by proactively taking steps to reduce risks.
The future of ransomware attacks in education: The costs of ransomware recovery are even more impactful than in other sectors. Educational organizations need to keep focusing on educating students by proactively reducing risks and recovery costs.