A new report today from tech research site Comparitech details an alarming rise in cyberattacks targeting the education sector, including 85 attacks in the first half of 2023.

The report found that from 2018 to mid-September, 561 education institutions have been hit by a ransomware attack. The estimated cost of these attacks is believed to be $53 billion to the world economy in downtime alone.

Although ransomware attacks in other sectors through 2022 were found to have dipped, this was not true for the education sector and the number has continued to increase since. Attacks on the education sector have remained consistently high over the last four years and Comparitech claims that 2023 looks set to be a record-breaking year. The 85 attacks in the first half of this year are nearly double the 45 attacks recorded in the first half of 2022.

In the 561 attacks since 2018, more than 6.7 million individual records were breached. Schools, those serving students up to age 16, were the most targeted in recent years and also accounted for the most records stolen. Ransom demands made to educational institutions varied between $1,000 and a staggering $40 million, with hackers on average demanding $1.5 million. Based on these numbers, Compritech estimates that around $1 billion in ransom payments have been demanded in total.

The $1 billion demanded in ransom payments is a large number, but the amount believed to have been paid out following attacks is a far more humble $4.2 million, paid out in 16 of the 561 attacks.

Education institutions targeted in ransomware attacks reportedly suffered downtime from a few hours to 36 days, with the average sitting at six to eight days. However, the average has blown out to 11.6 days this year through most of September.

In 2022, the most prolific ransomware group targeting educational institutions was Vice Society, but it has since been joined by LockBit, Royal, Medusa and Rhysida in 2023.

“The fact that the education sector didn’t see the same dip in attacks as other industries last year highlights how schools and colleges remain a focus for ransomware hackers,” the report notes. “Add to this the ongoing spike in ransomware attacks across all industries and the threat of these cyber attacks remains high — if not higher — for the education sector.

The report concludes with a warning that it’s likely there will be another spike in ransomware attacks targeting educational institutions in the coming month as hackers seek to steal larger volumes of data.

Image: Ideogram