Technology Ransomware gangs have found another set of new targets: Schools and universities

18:58  23 march  2021
18:58  23 march  2021 Source:   zdnet.com

Ransomware: Sharp rise in attacks against universities as learning goes online

  Ransomware: Sharp rise in attacks against universities as learning goes online Higher education is struggling with ransomware attacks, with gangs seeing an easy target in institutions busy making the switch to remote operations.The number of ransomware attacks targeting universities has doubled over the past year and the cost of ransomware demands is going up as information security teams struggle to fight off cyberattacks.

a woman sitting on a table: School classroom © Image: iStock

School classroom

a close up of a screen © Provided by ZDNet
DDoS attacks and ransomware: How to protect yourself against them
Watch Now

There's been a spike in ransomware attacks targeting schools, colleges and universities, the UK's National Cyber Security Centre (NCSC) has warned.

The alert by the cyber security arm of GCHQ says it has dealt with a significant increase in the number of ransomware attacks targeting education over the course of the last month, a time in which schools were preparing to resume in-person lessons.

Ransomware attacks encrypt servers and data, preventing organisations from providing services. In this case, cyber criminals are hoping that the need for schools and colleges to provide teaching will result in victim organisations giving into extortion demands and paying a ransom in bitcoin in exchange for the decryption key required to restore the network.

How ransomware is evolving as a threat to organizations

  How ransomware is evolving as a threat to organizations Cybercriminals know they can make money with ransomware and keep getting bolder with their demands, says Palo Alto Networks' Unit 42.The number of victimized organizations hit by each ransomware family with their data publicly leaked in 2020.

"In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing," the agency said.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

It's likely that the attempted targeting of sensitive information is an effort to engage in double-extortion ransomware attacks, where cyber criminals threaten to publish stolen data if they're not paid the ransom.

"Any targeting of the education sector by cyber criminals is completely unacceptable," said Paul Chichester, director of operations at the NCSC.

"This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted".

The Morning After: A ransomware gang is demanding $50 million from Acer

  The Morning After: A ransomware gang is demanding $50 million from Acer On Friday night, The Record and Bleeping Computer reported that PC manufacturer Acer has been hit by a ransomware attack on its back-office network. According to information they’ve seen posted on the dark web, the REvil ransomware gang is demanding $50 million to decrypt its computers and delete stolen data instead of leaking it. Acer has not publicly admitted that there is an attack going on, only that it has “reported recent abnormal situations” to law enforcement. If it needs an example of what to do next then CD Projekt Red may be an example, having publicly acknowledged a ransomware attack that impacted plans to release new patches for Cyberpunk 2077.

Cybersecurity recommendations for schools, colleges and universities to protect their networks from ransomware attacks include having an effective strategy for vulnerability management and applying security patches, securing remote online services with multi-factor authentication and installing and enabling anti-virus software.

It's also recommended that organisations have up-to-date and tested offline back-ups, so if the network is taken down by a ransomware attack, it can be restored without paying criminals.

"I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected," said Steve Kennett, director of e-infrastructure at the higher education support body Jisc,

"Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what a devastating impact this crime has on the sector".

9 tips to protect your organization against ransomware

  9 tips to protect your organization against ransomware Over the past six months, the number of organizations hurt by ransomware shot up by more than 50%, says Check Point Research.SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)

The NCSC previously put out a warning about ransomware attacks targeting universities in September, but this particular form of cyber crime shows no sign of slowing down.


  • Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again
  • Why ransomware has become such a huge problem for businesses
  • Ransomware: This essential step could help you make it through an attack
  • The best antivirus software for 2021
  • Ransomware: Attacks could be about to get even more dangerous and disruptive

New US Justice Department team aims to disrupt ransomware operations .
The task force will focus on dealing with the “root causes” of ransomware.In an internal memo, the DoJ outlines the creation of a new initiative that will bring together current efforts in federal government to "pursue and disrupt" ransomware operations.

usr: 0
This is interesting!