Since the beginning of 2016 there have been on average, up to 4,000 ransomware attacks daily. In the recent news, stories about hospitals and healthcare clinics falling to aggressive ransomware attacks seem to be showing up increasingly. The healthcare industry is often targeted because the confidential information leads to higher chances of ransoms being paid since there could be lives at stake. However, in a recent report from BitSight, it was found that the education industry has surpassed healthcare as the number one target for ransomware attacks. BitSight is a security firm that analyzes large amounts of data on security issues and behaviors in order to help organizations manage their cyber risk. The most recent analysis inspected the performances of 20,000 company’s cybersecurity tactics and the growth of ransomware over the last twelve months.
According to BitSight, the average cybersecurity rating of education has dropped about 15 points over the past year. Small budgets and IT teams make it difficult for school districts to have effective cybersecurity systems and fend off the attacks. School districts also tend to not stay update on their software making them even bigger targets for attacks. Universities tend to fall to ransomware attacks due to the excessive file sharing that occurs on the network. BitSight’s report found that 58% of institutions in the education category had some type of file sharing on their network. Large amounts of file sharing, like on a university network, increases the chances of malware getting through and launching a ransomware attack.
Ransomware was found in 13% of the organizations within the education industry. That is three times more than the amount found in the healthcare industry. It’s believed that there’s been a surge in cybersecurity attacks because the Dark Web makes ransomware programs easily accessible. One doesn’t have to be a skilled cybercriminal to participate in the ransomware attack epidemic, which is why it has become so appealing.
Email has continued to be the primary means of attack when it comes to ransomware. A seemingly innocent email with a dangerous link can wreak havoc on an organization. Be sure to regularly review your email security solutions for gaps and weaknesses.