It’s no secret that ransomware is the attack du jour with more than 1,200 incidents generating nearly $900 million in payments from U.S.-based organizations last year alone. More than an extortion scheme, these attacks resulted in the disruption of operations and exposed proprietary data that could be exploited or sold on the dark web.
No one, it seems, is safe — especially school districts. According to Sophos, 56% of school districts worldwide suffered a ransomware attack in 2021. These attacks shut down school networks, canceled classes and put the personally-identifiable information (PII) of students, their parents, teachers, and other employees at risk.
But why school districts? Why are they a tempting target? And why now? Let’s explore.
Why school districts are being targeted
Over the past two years, the average ransomware payment has skyrocketed from $12,000 to $322,000 as targets have shifted from individuals to large organizations with deep pockets, according to the 2022 CyberEdge Cyberthreat Defense Report. Faced with disruption to classes and the perceived rising cost of IT security, many school districts are paying the ransoms — creating a self-perpetuating cycle.
Unfortunately, the attack doesn’t always end after the ransom is paid. In addition to demanding a ransom to return the encrypted data safely, ransomware gangs often threaten to leak the data unless the victim pays even more money in what’s called a double extortion attack. Attackers know that school districts have data for students, teachers, administrators, employees and even parents who are required to give up personal information during enrollment and for employment purposes, and they know there’s a good chance they’ll pay up to stop it from leaking. This data is spread across distributed networks over multiple campuses and is increasingly accessed by a growing number of endpoints.
Support the originator by clicking the read the rest link below.
