• Home
  • /Learn
  • /Ransomware Attacks on Schools: On the Rise
background image


Ransomware Attacks on Schools: On the Rise


It's widely known that educational institutions have become the primary target of ransomware attackers due to their exposed security protocols. A dramatic surge in such attacks on schools confirms that ransomware attacks on schools are on the rise.

As just one example, confidential documents from 14 academic institutions recently trickled into the public domain after a security breach. Threat actors increasingly target school districts and associations through ransomware for several reasons: less-than-mature security postures, fewer grants, and narrow controls over sensitive data open the floodgates and make it easier for attackers to steal sensitive data.

Today, our team of ethical hackers looks at how ransomware attacks on schools can disrupt the regular workflow of educational institutions, as well as various preventive measures school administrators should take to protect their resources against ransomware.

Ransomware Attacks on Schools Are on the Rise: The "Why" and "How"

Ransomware is malicious software that infects the target system and encrypts all files, thereby blocking access. Once they have prevented owners or organizations from being able to utilize their systems or data, attackers then demand a ransom payment in exchange for restoring access.

Cybercriminals target schools for academic and other data of students, staff, and institutions via ransomware. As most of these institutions lack the budget to invest in sound defence strategies, it becomes easy for cybercriminals to access school systems. The State of Ransomware Report 2021 found that educational institutions and schools suffer the most ransomware attacks.

According to them, 44% of respondents in the sector suffered a ransomware attack last year. Also, during these ransomware attacks, the malicious players hit a bonus. They could access students' and teachers' personal information. It becomes easy for scammers and identity thieves to leverage students' personal information for malicious activities.

These statistics are only rising in 2023 and beyond: with cyberattacks in the education industry up 77% since that 2021 report was released, studies are finding that:

  • Every week, the education sector is the target of almost 2,000 cyberattacks

  • 1 in 10 organizations in the United States don’t have cyber insurance

  • 82% of university representatives report that more funding is required to bolster their cybersecurity 

  • Phishing is the most common type of cyberattack targeting educational organizations

  • In the July of 2022 alone, Latin America’s school systems saw a 62% increase in cybercrime

  • Organizations in Canada that were previously targeted by hackers spent an average of $113,000 more to prevent cyberthreats than their counterparts, with small businesses that were impacted spending 120% than their non-impacted counterparts

  • 64% of polled representatives stated that they do not believe their existing cybersecurity framework is enough to ward off threats

So what should schools and related educational organizations do to circumvent these increasing security risks? Well...

Preventative Measures Against Ransomware in the Education Industry

Knowing that ransomware attacks on schools are spiking is only half the battle.

To begin minimizing risk, we recommend the following steps:

  • Filter out malware: "Malware" is a catch-all term. Ransomware is a type of malware. School districts and associations should deploy anti-malware and network packet filtering tools to protect the system from contamination. Effective filtering criteria can help shield school administrators and students from ransomware when visiting websites that distribute or release malicious code

  • Limit peripheral storage devices and administrative accounts: Due to budgetary constraints, school and district IT staff encounter several challenges in staying in sync with evolving technologies. So, to minimize the risks of leveraging new technologies, school authorities should take proactive measures such as disallowing outside devices in office systems. The school executives and head should impose strict rules, restricting administrative access to a select few. Schools should also limit internet-exposed services like Remote Desktop Protocols (RDP)

  • Set security policies for office system use: It is essential to preserve cyber hygiene in school systems to protect against ransomware attacks. Anyone using office systems must follow protocols (mentioned in policies) for security reasons. Strict security policies must be in place. A few are: 

    • Leveraging multi-factor authentication (MFA) to defend accounts against compromised passwords

    • Not injecting flash drives in office systems

    • Using strong passwords

    • Keeping systems and apps up to date

  • Backup system data and critical files: There is no guarantee that you can protect your school systems from sophisticated ransomware attacks. So, it is always better to back up critical data, including those of students and teachers. This way, even if ransomware attacks the systems and encrypts all files, you can format the entire system and restore the backup files from the stored repository. It is essential to isolate the data backup somewhere safe

  • Educate everyone about cybersecurity: Educate school members (principals, superintendents, students, teachers, and other office staff) not to open malicious attachments, malicious sites, or unknown links. Also, schools should hire security professionals to train their employees to respond actively to cyber threats and events

Of course, we recommend periodic penetration testing as the first line of defence. By conducting penetration testing, schools can fortify their security against potential threats and significantly reduce ransomware attacks. These tests will also help identify weaknesses in the school's current system.


Ransomware is a growing threat to schools and academic institutions. It can cause severe damage not only to the school's data but also to students' information. To protect against ransomware attacks, it is essential for school authorities to deploy sound security strategies.

Schools should limit access to computers, implement strict security policies, filter out malware and other malicious threats, and educate their members on cybersecurity. Finally, they should back up data regularly to prevent any loss of information due to ransomware attacks. With these proactive measures in place, schools can ensure the safety of their systems and data.

Did you know that ransomware attacks on schools are on the rise? Book your free, zero-obligation call with our team today or download our Buyer's Guide below for more in-depth information on how to keep your organization safeguarded.

Download our Free Buyer's Guide

Whether you are looking to complete Penetration Testing to manage risk, protect your data, comply with regulatory compliance standards or as a requirement for cyber insurance, selecting the right company is crucial.

Download our buyer’s guide to learn everything you need to know to successfully plan, scope and execute your penetration testing projects.