According to BlueVoyant’s Cybersecurity in higher education report, the number of ransomware attacks against universities increased by 100% year-on-year in 2020. The company compiled data from 2702 universities across 43 countries, covering the period January 2019 to September 2020. It went on to say that average payouts were totaling nearly $450,000.
The company claims that the rise in ransomware attacks against universities was due to them being forced to adopt remote teaching and learning methods. 22% of all analyzed universities and colleges had open or unsecured remote desktop ports (RDPs), and 66% lacked protocols like SPF, DKIM, and DMARC to help guard against phishing. The company said that these are the primary contributing factors. The report also stated that the second most types of attacks were data breaches, which accounted for half of all cyberattacks in 2019.
“This is an industry that has had to rapidly pivot to online learning, changing standard methods of learning, practically overnight. The education sector is also under huge financial and regulatory pressure,” says Jim Rosenthal, the CEO of BlueVoyant. He went on to say that “Threat actors know that there are vulnerabilities to be exploited and they are taking advantage of these vulnerabilities at every opportunity, making it imperative for universities to adopt a solid cybersecurity threat posture to ensure that the wealth of sensitive data is properly defended against adversaries.”