Skip to main content
close search
site logo
Dive Brief

Ransomware attacks surge in education sector

Colleges and universities are particularly challenged as repercussions of ransomware hit them harder and longer than other organizations.

Published July 14, 2022
Matt Kapko's headshot
Senior Reporter
Florida International University campus
A ransomware group claimed they attacked Florida International University in early 2022. Permission granted by Florida International University

First published on

Cybersecurity Dive
This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • The education sector got hit with even more ransomware attacks in 2021, impacting almost two-thirds of higher education organizations, Sophos concluded in a new survey
  • Ransomware attacks hit more than half of the lower-education organizations surveyed and almost two-thirds of higher education institutions.
  • This marks a jump from the 44% of respondents combined across lower and higher education that reported ransomware attacks in 2020, but it’s consistent with an upward trend in ransomware attacks across all sectors.

Dive Insight:

It’s not uncommon for ransomware to target schools, but the financial and operational impacts are an anomaly. Schools and universities are disproportionately jolted by ransomware attacks compared to organizations in other industries, according to Sophos.

Across all industries, colleges and universities are the most affected — 97% of higher education respondents said ransomware attacks impacted their ability to operate.

Lincoln College, a private school founded in 1865 in rural Illinois, stands out as a particularly worrying example. Declining enrollment and large investments in technology hampered the college’s finances early in the pandemic.

Then a ransomware attack hit the college in December 2021, rendering its systems for admissions, recruitment and retention non-operational. Lincoln College never recovered and the school closed in May.

IT professionals in higher education also report the slowest recovery times from ransomware attacks. Colleges and universities, on average, take twice as long as organizations in other industries to recover — 40% took over a month, 31% took one to three months and 9% recovered from a ransomware attack in a three-to-six month period, according to Sophos.

The cost of remediation is another outlier. Higher education organizations reported an average remediation cost of $1.42 million per ransomware attack and lower education organizations reported a cost of $1.58 million.

The global average cost to remediate a ransomware attack is $1.4 million, Sophos said.

The survey was commissioned by Sophos and conducted by research firm Vanson Bourne in January and February 2022. It included responses from 730 IT professionals in the education sector.

Filed Under: Ed Tech

Editors' picks

Company Announcements

View all | Post a press release
Study Finds Students Value Quality Teaching, Not Just Easy Grades
From ACUE
October 31, 2024
Sumner College Launches Bachelor of Science in Nursing Program in Bend, Oregon
From Sumner College
November 12, 2024
UPCEA Launches Virtual Week to Celebrate Membership and Expand Connections
From UPCEA
October 30, 2024
Ziplines Education Acquires Clicked To Integrate Enhanced Work Simulations And Launch The Sale…
From Ziplines Education
October 28, 2024
Editors' picks
Latest in Ed Tech
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell