Blog

No Recess for Ransomware at Higher Ed Institutions

05.17.2022

Every 11 seconds a business is breached by a ransomware attack that has passed through its existing security stack. While ransomware attacks are impacting all industries, the education industry is one that has seen an increasing trend of ransomware attacks.

In March 2021, the FBI published a Flash alert highlighting an increase in ransomware targeting education institutions. Specifically, the FBI pointed to an increase in PYSA ransomware targeting education institutions in 12 U.S. states and the United Kingdom. Attackers were looking to leverage PYSA to exfiltrate data from higher education, K-12 schools and seminaries to use as leverage to obtain ransomware payments.

In November 2021, two community colleges, Butler County Community College in Pennsylvania and Clark Community College in Illinois, were victims of ransomware attacks. The attacks resulted in these two colleges being temporarily shut down.

A few weeks ago, ZDNet published an article entitled “Ransomware attacks are hitting universities hard, and they are feeling the pressure.” The article highlighted Jisc’s Cyber Impact 2022 Report, which pointed to a multi-year increase in ransomware attacks targeting U.K. education institutions. This  included two universities and a further education and skills (FES) provider that were hit by ransomware attacks in March 2022. These incidents were indicated to cause significant impacts.

This week brought more news about ransomware attacks on education institutions and the havoc they can cause. Multiple news outlets reported that after 157 years in operation Illinois-based Lincoln College would be closing down permanently on May 13th. To be fair, the college had experienced significant negative impacts from the pandemic, which resulted in significant declines in enrollments and fundraising. However, a ransomware attack in December of 2021 appears to be the “straw that broke the camel’s back.” The ransomware attack resulted in all systems required for recruitment, retention and fundraising efforts being inoperable. Systems were not fully restored until March of 2022. 

Successful ransomware attacks on education institutions typically result in significant disruption and costs. However, in most cases the impacts are temporary and institutions are able to successfully recover from attacks over time. However, in the case of Lincoln College, the ransomware attack ended up being catastrophic.

It’s clear from the above that ransomware attacks continue to be a growing problem for education institutions. As a means of strengthening defenses against ransomware threats, one of the key things that education institutions can do is to increase their use of cyber intelligence. Cyber intelligence can not only act as an early warning system for ransomware and other cyber threats but when used proactively can also help to prevent ransomware attacks from happening in the first place.

To learn more about how ThreatBlockr can help your educational institution use massive amounts of cyber intelligence from multiple sources to improve ransomware defenses, check out our ThreatBlockr Education Industry Data Sheet, our ThreatBlockr Data Sheet and Schedule a Demo.