When cybercriminals infiltrate and disrupt a target network with the aim of extorting their victim, they are no longer just looking to lock people out of their computers. What they are just as much after now is the personal information belonging to as many people as possible. Not only will this enhance the value of the extortion scheme, but it will also provide its own value on the dark web. Students’ and teachers’ driver’s license numbers, Social Security numbers, dates of birth, emails and phone numbers can be purchased by low-level identity thieves to open lines of credit and run other scams.
Unfortunately, even if a victimized organization does pay the ransom in exchange for regaining access to its systems, that doesn’t guarantee the criminals won’t go ahead and sell the sensitive data anyway. This is why security experts discourage victims from paying a ransom to their attackers. The primary effect of paying them off is enriching the criminals and emboldening them to do it again.
According to the surveyed parents, the average ransom payment in the school attacks they experienced was $887,360. In the same survey taken a year earlier, that figure was just $375,311. Ten percent of parents this time said the district paid a ransom of more than $1 million, up from just 3.7 percent in 2021. Of course, some schools were able to weather the crisis without paying anything. That’s been the case for about 14 percent of schools for the past couple years, according to these surveys. Ransoms aside, however, the cost of remediating the damage from one of these incidents can still be in the millions.
The other significant harm done by these attacks is the closure of schools. Experts say a big reason these types of incidents likely continue is the fact that schools are known to have smaller, underfunded IT departments. But there’s also the fact that communities are desperate to keep them open. Eighty-two percent of parents who experienced a ransomware incident said their school was forced to close for at least 1 day as a result, up from 75 percent last year. The average closure was 2.5 days, up slightly from last year. That’s a lot of last-minute childcare for working parents to figure out. Or they may have to take time off from work, incurring a form of personal cost from the attack.
In better news, 32 percent of parents who experienced an attack said their child’s data was not compromised. This was up from 25 percent last year, while a shrinking number of parents (8 percent) said they didn’t know if it was stolen or not (down from 14 percent last year). Hopefully this is due in part to greater education on the issue at the individual level. Around 70 percent of parents said they talk at least regularly with their child about practicing good security hygiene, such as using strong passwords.
School IT administrators should pay close attention to security alerts, while keeping a close eye on the traffic on their network. They should use basic security techniques, such as deploying two-factor authentication, regularly making offline data backups, and immediately applying security updates to their software as they become available. If they are hit with a ransomware attack, they should immediately contact the FBI, and can also check NoMoreRansom.org, for additional help.
Related:
4 key ways schools can strengthen and advance cybersecurity strategies
Could nearly half of cybersecurity leaders leave their roles by 2025?
- Are substitutes the answer to the teacher shortage? - June 13, 2023
- Preparing for ransomware attacks begins with education - June 13, 2023
- How to use UDL-inspired technology to reengage students - June 12, 2023