$209 million—that’s how much the FBI estimates that cyber criminals behind ransomware attacks extorted from businesses in just the first three months of 2016. Over the course of the year, ransomware attacks hit record highs, targeting hospitals, banks, and educational institutions like the Horry County school district in South Carolina.
While financial institutions and healthcare companies are familiar targets, it might surprise you to learn that some researchers believe educational institutions now suffer the brunt of ransomware attacks.
We say “some” because there’s a bit of disagreement in the industry regarding which industries are most at risk of becoming targeted by cyber criminals using ransomware. However, even if some research firms don’t think educational institutions are most at risk, schools are always in the top 10 most targeted industries.
Here are 5 of the most widely publicized ransomware attacks perpetrated against educational institutions in 2016:
Horry County School District
This South Carolina-based school system paid cybercriminals $8,500 to reinstate access to its 25 servers infected with ransomware. While that might not sound like a significant amount of money, there’s a bigger picture here. The school lost weeks of productivity while it scrambled to buy bitcoins and pay the ransom.
When it was all said and done, the school district experienced almost three weeks of downtime and spent $30,000.
Los Angeles Valley College (LAVC)
After discovering that hundreds of thousands of critical files were encrypted by cyber criminals demanding a five-figure ransom, LAVC engaged with law enforcement and cyber security experts to determine if there was a way to unencrypt the data without paying the ransom. After the analysis, the security experts recommend the school pay the ransom, and they did—all $28,000 of it.
In the summer of 2016, just a few weeks apart, both the University of Calgary and Red Deer College faced ransomware attacks. While the University of Calgary determined its best route was to pay the $20,000 CAD ransom, Red Deer College was able to sidestep the hefty bill by locking their systems down before the malicious software could encrypt anything important.
The North East Independent School District
Not hit by one or even two attacks, the North East Independent School District experience three ransomware incidents in just two months. These attacks affected 20 campuses, two departments, and 2.5 terabytes of data.
The school system was able to avoid paying the ransom by removing encrypted files and replacing them with copies stored in a backup solution.
Bigfork Public School
Taking the moral high ground, Bigfork refused to pay a single cent when cybercriminals used ransomware to encrypt critical files. Instead, they choose to forgo access to student records and other important files until they could find a workaround.
The Way Forward
Having a solution in place that not only looks for malicious activity but also blocks it at every major entry point can help you avoid having to pay cybercriminals should your institution become the target of a ransomware attack.
Our recommended solution for clients is Cisco’s Ransomware Defense. By wrapping your email, network, and endpoints in advanced security software, this proprietary solution helps prevent ransomware attacks from occurring and costing schools time and money.