Ransomware threat in higher ed is rising

Ransomware attacks don’t just affect businesses; colleges and universities are also prime targets for attacks. Within the last thirty days, educational organizations have been the target of more than 6.1 million malware attacks, while the second-most affected industry (business and professional services) has only seen 900,000 attacks. An analysis of ransomware campaigns within higher education found that ransomware attacks against colleges and universities have more than doubled since the onset of the coronavirus pandemic. In addition to increased frequency, the average ransom demand grew from an average of $8,000 in 2018, to $170,000 in 2020. Some high-end demands have exceeded $1 million.

The FBI’s Cyber Division recently warned that ransomware poses a growing risk for higher education, as cybercriminals are focusing on colleges and universities. This warning hit home in June as Des Moines Area Community College (DMACC) was forced to temporarily shut down operations as a result of a ransomware attack.

Warnings from the FBI and the recent DMACC incident are reminders to remain ever vigilant in protecting University data. Be careful with every email you receive, especially those that ask you to click on a link or verify personal or financial information. To assist with recognizing fraudulent emails, especially in light of this continuing trend, ITS will continue to simulate phishing and assign training to those most susceptible as part of our larger cybersecurity strategy. If you believe you’ve been targeted by phishing, see Reporting a Phishing Message (How-to) for next steps.

—Chris Mielke, ITS

Sources:
https://er.educause.edu/articles/2021/6/the-increasing-threat-of-ransomware-in-higher-education

https://www.desmoinesregister.com/story/news/education/2021/06/15/ransomware-attack-dmacc-online-classes-canceled-tuesday-des-moines-community-college-cybersecurity/7697802002/