As the country pushes toward digitalization, the education sector showed the greatest risk with it becoming the target of most ransomware attacks in 2022—according to a survey report by cybersecurity firm, Sophos.
Titled “The State of Ransomware in Education 2023,” the report specifically highlights the statistics on the number of two institutions falling victim to the scheme by ultimately choosing to pay the ransom—higher educational organizations at 56 percent and lower educational organizations at 47 percent, respectively.
Compared to records established in 2021, the past year saw an attack on 79 percent of the higher educational organizations and 80 percent on lower educational organizations—showing an increase of 64 percent and 56 percent, accordingly.
Not counting the amount paid for ransom, the cost of recovery for higher educational institutions is said to be $1.31 million after when choosing to pay for the ransom, which contrasts the $980,000 cost of using a backup.
See also: How to get rid of malware from your Android smartphone
The cost is substantially higher for the lower educational institutions, however, where paying the ransom could still incur an overall cost of $2.18 million versus $1.37 million when opting not to pay.
Price aside, another major issue about being a victim of the scheme is the time it takes to recover and their overall number. In particular, there is a greater number among higher education organizations recovering within a month when using a backup (79 percent) versus those choosing merely to pay the ransom (64 percent).
The same is likewise true for lower education organizations at 63 percent and 59 percent, respectively.
Further findings in the report include:
- Ransomware attacks on higher educational organizations (77 percent) and lower educational organizations (65 percent) are due to exploits and compromised credentials.
- Relative to the cross-sector average (70 percent), the use of backups is significantly lower among higher educational organizations (63 percent).