Cybercrime is constantly jeopardizing data security, and more recently one can definitely distinguish certain trends occurring. A sure way to discern a trend in cybercrime is to take a closer look at the victims targeted, by ransomware specifically. We do not in any way condone or support ransomware attacks, but there are a few things that we can observe from them with regards to their (rather sophisticated) business model.

Ransomware professionals do their research.

It’s no longer a “cast a wide net and see what we catch” approach; ransomware targets specifics industries for specific reasons. The big hype about ransomware’s threat to data security and awareness campaigns appearing everywhere encouraging people to be vigilant is as a result of ransomware’s “success rate”.

In a previous post we discussed why ransomware targets healthcare facilities. In this post we will discuss the prevalence of ransomware attacks on educational institutions, specifically schools.  

Why Would Ransomware Target Schools?

Ransomware professionals have discovered (assuming through market research) that schools would be an easy target to deploy ransomware successfully and ensure the ransom is paid. Schools have two things they need to succeed: a very concentrated dependence on their data to function on an operational level and a weak (technological) immune system. So here’s why they get targeted:

1. Schools most often share the same network architect structures – so in other words, if they are hit, they are hit hard. An infection on one computer can cause a domino effect of infections across the network.
2. Schools are less likely to upgrade their systems and security software on a regular basis, gambling with their data security. This creates more vulnerabilities and thus more opportunity for ransomware to infect with ease. There are probably several reasons for the presence of these vulnerabilities – but let’s be honest, who ever thought schools would be such a huge target!
3. Schools are less likely to have proper data backup systems in place. Even though some schools are paying more attention to this increasingly important “must have”, there are still a few schools who fail to give data backup and data recovery the consideration it deserves.
4. Ransomware attacks are increasing on mobile devices. And since teachers and the majority of scholars bring their smartphones to school, the exposure to the threat of a cyber-attack is continuous. Secondary infections are just as serious and even harder to contain and prevent reinfection because the source of the breach could go undetected for a long time.
5. Schools are also more likely to pay the ransom seeing as they would like to avoid or limit any possible downtime. In a case where proper precautions weren’t put in place, this might be the only option they would have to get their data back, and their networks up and running again.

What Can Schools Do To Protect Them From, Or Recover From A Ransomware Attack?

Even though no one could have predicted that schools would be targeted so severely by ransomware, it is not really a negative reflection on schools or their systems. We’ve established by now that ransomware is a criminal activity, and no matter what you do to ensure data security, if they want in, they will get in.

The best advice that schools can take to heart in light of this susceptibility to ransomware is:

Invest in setting up a disaster recovery plan and devote your resources to using a comprehensive data backup service provider, preferably one that will ensure that data recovery can happen with the least amount of downtime.