Intelligent CISO Issue 79 | Page 18

cyber

TRENDS
Education sector ’ s ransomware recovery costs skyrocket , despite fewer attacks overall .

Sophos survey finds most educational organisations paid more than the original ransom demand

ophos has released findings from its

S annual sector survey report , The State of Ransomware in Education 2024 . According to the report , the median ransom payment was US $ 6.6 million for lower education and US $ 4.4 million for higher education organisations . In addition , the survey states that 55 % of lower education respondents and 67 % of higher education respondents paid more than the initial demand .

Ransomware attacks are causing more of a strain as only 30 % of ransomware victims surveyed in both lower and higher education were able to fully recover in a week or less , down from last year ’ s 33 % ( lower education ) and 40 % ( higher education ). This slowing recovery rate is likely due to education organisations operating with limited teams and resources , making it harder for them to co-ordinate recovery efforts .
“ Unfortunately , schools , universities and other educational institutions are targets that are beholden to municipalities , communities and the students themselves , which inherently creates high pressure situations if they are hit and destabilised by ransomware . Educational institutions feel a sense of responsibility to remain open and continue providing their services to their communities . These two factors could be contributing to why victims feel so much pressure to pay ,” said Chester Wisniewski , Director , Field CTO , Sophos .
“ We also know that ransomware attackers have upped the ante when it comes to getting paid .
18 WWW . INTELLIGENTCISO . COM