Schools and universities are facing an unprecedented level of ransomware attacks as incidents continue to severely affect the education sector.
The warning comes from Jisc, a non-profit organization that provides networking and computing services to higher education and research institutions. Jisc's ‘Cyber Impact 2022’ report suggests that there is an increased threat of ransomware attacks on education.
According to the report, dozens of UK universities, colleges and schools have fallen victim to ransomware attacks since 2020, causing disruption to staff and students and costing institutions significant sums. In some incidents, Jisc claims impact costs exceeded £2m.
And the attacks continue, as the report details how two universities and a further education and skills (FES) provider were hit by separate ransomware attacks in March 2022.
The institutions are not named, but the report says each incident had a significant impact as systems were taken down to prevent the spread of malware and to safely retrieve and restore data. In one case, a third party was called in to help the organization fully recover from the incident.
According to Jisc, higher education ranks ransomware and malware as the top cybersecurity threat, followed by phishing and social engineering.
The report suggests that one of the reasons universities have become such a common target for ransomware attacks is the sudden pandemic-induced shift to remote working for staff and students, which has inadvertently left institutions open to attacks.
For example, the shift to distance education has led to a surge in the use of the Remote Desktop Protocol, which can provide ransomware attackers with a route to networks.
Cybercriminals can send phishing emails to steal usernames and passwords, which they can use to access networks through legitimate user accounts. It is also possible for cybercriminals to use brute force attacks to break into accounts that use common or already hacked passwords.
“This underscores the importance of having basic security controls in place, such as protections against brute force attacks,” the report said.
While the threat posed by ransomware and other cyberattacks to higher education is well known, some institutions are struggling, especially when IT and information security teams are crippled by a lack of resources.
“We are doing our best, but all areas of IT support seem to be growing and need more attention and this is part of a larger role (where its importance should be much greater). The pandemic has only stretched us more,” an undisclosed FES provider told Jisc.
One of the steps organizations can take to protect accounts from being hacked and exploited to help launch a ransomware attack is to provide all users with multi-factor authentication (MFA). According to Jisc, there has been a sharp increase in the number of institutions that have implemented MFA, although it has not yet been rolled out at all levels.
It is also recommended that universities encourage the use of strong and unique passwords, which are harder to guess and make it harder for cybercriminals to breach accounts, even if another account has already been stolen.
Additionally, it is highly recommended that security patches be deployed as soon as possible, so that devices, operating systems, and software are not exposed to known security vulnerabilities.