Technology Ransomware gangs have found another set of new targets: Schools and universities
Ransomware: Sharp rise in attacks against universities as learning goes online
Higher education is struggling with ransomware attacks, with gangs seeing an easy target in institutions busy making the switch to remote operations.The number of ransomware attacks targeting universities has doubled over the past year and the cost of ransomware demands is going up as information security teams struggle to fight off cyberattacks.
There's been a spike in ransomware attacks targeting schools, colleges and universities, the UK's National Cyber Security Centre (NCSC) has warned.
by the cyber security arm of GCHQ says it has dealt with a significant increase in the number of targeting education over the course of the last month, a time in which schools were preparing to resume in-person lessons.
Ransomware attacks encrypt servers and data, preventing organisations from providing services. In this case, cyber criminals are hoping that the need for schools and colleges to provide teaching will result in victim organisations giving into extortion demands andin exchange for the decryption key required to restore the network.
How ransomware is evolving as a threat to organizations
Cybercriminals know they can make money with ransomware and keep getting bolder with their demands, says Palo Alto Networks' Unit 42.The number of victimized organizations hit by each ransomware family with their data publicly leaked in 2020.
"In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing," the agency said.
SEE:(ZDNet special report) | (TechRepublic)
It's likely that the attempted targeting of sensitive information is an effort to engage in double-extortion ransomware attacks, whereif they're not paid the ransom.
"Any targeting of the education sector by cyber criminals is completely unacceptable," said Paul Chichester, director of operations at the NCSC.
"This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted".
The Morning After: A ransomware gang is demanding $50 million from Acer
On Friday night, The Record and Bleeping Computer reported that PC manufacturer Acer has been hit by a ransomware attack on its back-office network. According to information they’ve seen posted on the dark web, the REvil ransomware gang is demanding $50 million to decrypt its computers and delete stolen data instead of leaking it. Acer has not publicly admitted that there is an attack going on, only that it has “reported recent abnormal situations” to law enforcement. If it needs an example of what to do next then CD Projekt Red may be an example, having publicly acknowledged a ransomware attack that impacted plans to release new patches for Cyberpunk 2077.
Cybersecurity recommendations for schools, colleges and universities to protect their networks from ransomware attacks include having an effective strategy for, securing remote online services with and installing and enabling anti-virus software.
It's also recommended that organisations, so if the network is taken down by a ransomware attack, it can be restored without paying criminals.
"I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected," said Steve Kennett, director of e-infrastructure at the higher education support body Jisc,
"Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what a devastating impact this crime has on the sector".
9 tips to protect your organization against ransomware
Over the past six months, the number of organizations hurt by ransomware shot up by more than 50%, says Check Point Research.SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)
The NCSC previously put out a warning, but this particular form of cyber crime shows no sign of slowing down.
MORE ON CYBERSECURITY
New US Justice Department team aims to disrupt ransomware operations .
The task force will focus on dealing with the “root causes” of ransomware.In an internal memo, the DoJ outlines the creation of a new initiative that will bring together current efforts in federal government to "pursue and disrupt" ransomware operations.