Education is Getting Schooled by Ransomware

The word ransomware (what is ransomware?) immediately conjures thoughts of hacks at major hospitals like Hollywood Presbyterian Medical Center and MedStar Health. However, information security risk management company, BitSight Technologies, recently issued a report revealing that education is currently ransomware’s biggest target with 13 percent of education institutions experiencing ransomware attacks in the last year.

According to BitSight’s report, education had the highest number of ransomware attacks, and the figures were three times higher than the rate of ransomware found in Healthcare and 10 times higher than the rate found in Finance. Nymaim is one variant that’s been plaguing the education sector as more than one in ten institutions have been hit with it.

Like many businesses, educational institutions are faced with the challenge of supporting any device students and faculty want to use to encourage learning and open collaboration. However, fostering an environment of open access presents a huge security vulnerability. Educational organizations typically share the same network architectures, and as a result, are tied to the same network weaknesses that offer hackers economies of scale. Once infected, it’s very easy for schools to experience the domino effect of ransomware as it spreads from one computer to the next and ultimately locks down an entire district.

Higher education, in particular, is a prime target for cyber-attacks because of high bandwidth networks, highly available systems, large collections of personal data from students and employees, and sensitive and valuable research data. Moreover, universities with health centers are responsible for the safekeeping of sensitive health information and HIPAA policies must be followed. Loans and student payment information also fall under the umbrella of information universities deal with so it must also comply with banking and financial regulations.

The following examples illustrate the damaging and costly effects ransomware has on educational institutions:

Horry County Schools paid nearly $10,000 in May 2016 after hackers locked files across the district’s network and required a ransom to unlock them. Executive Director of Technology Charles Hucks told reporters that the virus likely entered the district’s system through an outdated server. Although no data was stolen, the attack affected systems across the district, including payments for school lunches.

In May 2016, the University of Calgary paid a $20,000 ransom to hackers after being brought to their knees by a devastating ransomware attack. Technical difficulties began during the school’s Federation for the Humanities and Social Sciences Congress 2016, and email, Skype, wireless servers and other systems were disabled for over a week.

We also did a study in the UK last month that revealed 6 out of 10 universities had been ransomware victims – and 67% suffered multiple breaches.

As with all organizations, cyber security education and awareness training is essential for greater protection on the web, but below are a few steps educational institutions can take to protect their networks from a breach:

  1. Secure institution websites with Secure Socket Layer (SSL) technology verified by a trusted Certificate Authority (CA). Using a SSL Certificate ensures that information transmitted through the website will be encrypted, and student and staff information remains secure.
  2. Patching and vulnerability management are critical in breach protection so it’s important that security administrators and analysts keep their school’s network up-to-date.
  3. IT professionals need to educate students and staff about how to better protect their information and what to watch for in the event of a breach.

For more information on how to get guaranteed ransomware protection for your endpoints and servers, visit our Ransomware Cyber Warranty page.

In order to learn more about SentinelOne, and how our behavioral detection platform can block these dangerous threats, check out our white paper, The Wicked Truth About Malware & Exploits.