Education is the industry most likely to be hit by ransomware attacks, according to a new report from security ratings provider BitSight.
The report analysed the cyber security performance of nearly 20,000 companies across government, healthcare, finance, retail, education, and energy/utilities.
Some 13% of education industry organisations were attacked by ransomware in the past year, compared to about 6% of government agencies and 3.5% of healthcare organisations. The lowest risk was in the financial sector, with only 1.5% of companies affected.
“Ransomware is a legitimate threat, with estimates from the U.S. Justice Department showing that over 4,000 of these attacks have occurred every day since the beginning of 2016,” said Stephen Boyer, co-founder and CTO of BitSight, in a press release. “While several ransomware attacks on healthcare companies have made headlines this year, the issue is more widespread.”
According to the report, ransomware attacks have grown tremendously over the past year—doubling or tripling in some cases. This is due, in part, to the number of different sophisticated strains of the malware now available to cyber criminals, including the Nymaim Trojan and Locky.
Between July 2015 and July 2016, the average security rating in the education industry fell by almost 15%. Every other industry remained relatively steady, the report found.
“This finding is not surprising,” said Engin Kirda, professor of computer science at Northeastern University. “The reason being that these are the organisations that typically have low budgets for deploying state-of-the-art security solutions.”
K-12 schools and universities do tend to have smaller IT teams and budgets, the report stated. Combined with the high rate of activities like file sharing, this leads to trouble. A BitSight report released earlier this year found that about 58% of academic institutions allowed file sharing on their networks.
Going after academic institutions that are often in the news for their budgetary problems seems counterintuitive. However, since schools hold a plethora of student and staff data, including social security numbers, medical records, financial information, and research, they hold interest for cyber criminals, the report stated. And schools may be more likely to pay for the information to avoid HIPAA concerns and other regulatory violations.
Between 2005 and 2013, 551 data breaches occurred at US universities, according to a 2014 study from Educause. Symantec’s 2016 Internet Security Threat Report ranked education third overall among the top 10 most-breached sectors, after health and business. Some five million identities in the education sector were exposed due to these attacks, the report found.
BitSight offers the following tips for protecting your organisation against ransomware:
- Establish email security protocols, including educating employees about phishing attacks and ways to stay safe on company networks.
- Identify commonly used vendors and monitor them for malware.
- Continuously check security systems and networks to determine possible areas of weakness or signs of infection.
- Avoid peer-to-peer file sharing on your network, and inform employees of this policy.