In 2024, there were 5,461 successful ransomware attacks on organizations worldwide. Only one job sector saw a decrease in attacks compared to 2023’s figures: education.
In 2023, the education sector saw 188 ransomware attacks against education institutions, according to Comparitech’s annual analysis. Last year, that number dropped to 116.
Based on the data, there were at least 1.8 million records affected by these attacks. Additionally, the average ransom demanded by a ransomware gang against an educational institution was $847,000.
A national effort against ransomware
This data comes after several years of growing pressure on school districts to bolster their cybersecurity efforts. Edtech companies, too, are being affected.
Earlier this year, education software giant PowerSchool confirmed it suffered a cybersecurity attack that resulted in the leak of personal information of students and teachers using its PowerSchool SIS platform.
In response, the U.S. Department of Education has been working to support schools in their work to prevent cyberattacks.
More from DA: How to ensure longevity in the superintendency
Last year, the Department launched the Government Coordinating Council for the Education Facilities Subsector to share best practices and improve K12 cybersecurity. District Administration spoke with one of its members, Jennifer Silva, who spoke about the kind of support superintendents and building leaders can expect from the council.
Here’s a brief recap of that conversation:
- The council, launched in March of 2024, centers around strengthening school cybersecurity. It leverages a partnership between the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Education.
- The council is focused on expanding schools’ access to grants to support cybersecurity prevention, as well as engaging in conversations surrounding the safety and infrastructure of schools, especially those in low-income areas.
- Schools should come together in response to the council’s outgoing recommendations rather than “being siloed.” Its recommendations may take a while to be adopted at the federal level, but they could easily be integrated at the state and local levels.
For a closer look at how ransomware is impacting organizations globally, view the Comparitech report here.