For any business, a ransomware attack causes catastrophic financial and reputational damage. But as the education sector increasingly relies on technology to deliver learning, it has become a prime target for ransomware attacks. The pressure is relentless – 16% of known ransomware attacks in the UK targeted the education sector, as opposed to 4% in France and 7% in Germany. In July 2022, the UK National Cyber Security Centre (NCSC) even issued an alert to academic institutions regarding a surge in ransomware attacks targeting education establishments.

The results of these ransomware attacks can be devastating. The Department of Digital, Culture, Media & Sport found that seventy-one per cent of higher education institutions experience a negative outcome, such as a loss of money or data from a breach. Half (50%) stated their accounts or systems were compromised and used for illicit purposes.

The Changing Face of Ransomware: to pay or not to pay?

When ransomware gangs attack, organisations may be tempted to simply hand over the cash (or the crypto) and hope the bad guys go away. This approach is dangerously flawed because ransomware gangs don’t just disappear if you pay them. Gartner data found that 80% of organisations that paid out a ransom were targeted for a second time. Censornet’s research has also found that one in five (21%) mid-market organisations suffered a ransomware attack and subsequently paid the ransom. The average payout was £144,000, with 7% handing over more than £500,000.

There is no guarantee that ransomware gangs will keep their promises to unlock systems or decrypt data. It is important to remember that although some gangs are motivated by financial gain, others simply want to do as much damage as possible. They may carry out a threat to publish sensitive data after payment is made, for instance, or refuse to meet their promises. A payment offers no protection and can sink a business. A fact borne out in a report which warned that 60% of small businesses close within six months of a cyberattack.

Preventing ransomware attacks in education

Many organisations are concerned about cybercrime yet do not know how to respond. When an attack has started, it is too late to call for help. The best defences lie in deploying security systems that can block extortion attempts and keep the ransomware gangs at bay. Here are three tips on how to protect your organisation:

1. Eliminate Gaps in Your Security Posture

Protecting an organisation from ransomware is much more difficult when defenders rely on a vast and unwieldy array of point products. The solution is a platform which integrates several different products and allows them to share attack intelligence at machine speed. Gartner predicts that 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform by 2025.

Censornet’s integrated autonomous cloud security solution integrates email, web, cloud and identity security applications into one platform. Mind the gaps to improve your defences.

2. Fuse Identity and Context

Security solutions should be capable of assessing both identity and context to manage who is allowed to access sensitive information. Censornet’s Multi-Factor Authentication (MFA) secures access to systems, services and applications, protecting with more than just a password. Our Identity-as-a-Service (IDaaS) solution enables single sign-on (SSO) and authenticates users using rich contextual information.

Context and identity are forming the new perimeter – so need to be protected using the very best security solutions.

3. Respond Autonomously

As ransomware attacks continue to become more sophisticated, the ability to react with speed and accuracy is imperative. Organisations need to ensure their cyber defences work together at lightning speed to stop ransomware and deny cyber criminals any opportunity for extortion.

The Autonomous Security Engine (ASE) works behind the scenes to share attack intelligence across all security applications, analysing a billion threats per day and working around the clock to ensure that threat actors cannot get a foothold.

Make the right security decisions today, and you will have some shelter from the raging ransomware storm that is already raging.

Stop attacks the smart way with the Censornet Platform.

Find out more:

 

Enhancing Cyber Security Awareness Webinar