The Education Sector Is Also A Target Of Ransomware Attacks, Making Loss Of Up To IDR 36.7 Billion

Ransomware attacks have targeted dozens of education sectors such as schools and universities (National Cancer Institute/Unsplash Photo Illustration)

JAKARTA - Ransomware attacks have targeted dozens of education sectors such as schools and universities since 2020 until now. Quite a sad event.

The non-profit organization Jisc released its Cyber Impact 2022 report which shows the increasing threat of ransomware to the education sector.

The report found that dozens of UK universities, colleges, and schools have been hit by ransomware attacks since 2020, causing disruption to staff and students, as well as costing institutions large amounts of money.

In several incidents, Jisc stated it drained more than 2 million pounds sterling equivalent to IDR 36.7 billion. In fact, the attacks keep coming, as the report details how two universities and a provider of further education and skills (FES) were hit by separate ransomware attacks during March 2022.

Although the university did not name the university, the report said each incident had a significant impact as the system was taken down to prevent further spread of malware, and to recover and recover data safely.

In one case, a third party was called in to help the organization fully recover from the attack. According to Jisc, higher education views ransomware and malware as the top cybersecurity threat, followed by phishing and social engineering.

One of the reasons universities are common targets for ransomware attacks is because of the sudden shift caused by the pandemic to remote work for staff and students, which inadvertently leaves institutions open to attack.

Where cybercriminals can send phishing emails to steal usernames and passwords, which they can use to enter the network through legitimate user accounts.

They may also use brute force attacks to break into accounts that use common or previously breached passwords.

One of the steps that can be taken to protect universities is to use strong and unique passwords, in order to make them more difficult to guess and for cybercriminals to break into accounts, even if other accounts by previous users have been stolen.

Lastly, it is highly recommended that security patches be updated as soon as possible, so that devices, operating systems and software are not left exposed to known security vulnerabilities.