Despite the alarming rise of ransomware incidents in 2022, many education institutions still fail to address gaps in their protection protocols. A Sophos survey found that 64 percent of higher education and 56 percent of lower education institutions were hit by ransomware over the past year.
These statistics should raise some red flags as the education sector continues to lag behind in cyber defense practices, making them one of the most vulnerable industries. If an educational institution is attacked, administrators often don’t have the resources to respond, due in no small part to staffing shortages.
Administrators and IT leaders across the education sector need to leverage modern innovations like AI and machine learning (ML) to ensure data protection for faculty, staff, students and the institution as a whole. Let’s take a closer look at why education is so vulnerable and how school administrators can implement preventative and restorative measures to curb long-term effects.
The walls of protection continue to crumble in education
From 2020 to 2021, ransomware attacks on educational institutions jumped by 44 percent. These institutions are already–and will increasingly become–a target for ransomware. It’s no longer about if; it’s when, and various districts are learning from unfortunate experiences.
For example, the L.A. United School District (LAUSD) suffered a ransomware attack in September 2022. While the more than 400,000 K-12 students could continue attending class, the attack crippled several critical infrastructure capabilities like staff and student email. The Cybersecurity and Infrastructure Security Agency (CISA) eventually uncovered that the hacking group Vice Society was responsible for the attack, but not until they had already leaked thousands of sensitive and confidential documents, representing a significant security threat for students, employees, alums and parents. While this is the second large-scale ransomware attack against LAUSD, it is still unclear if the school district has taken steps to bolster cybersecurity moving forward.