School Cybersecurity Strategies as Ransomware Attacks Hit 56% of K-12

Editor’s Note: In the above video, Sai Huda’s company was incorrectly shown as “CyberCash.” The correct company name is CyberCatch, which is reflected in the write-up below.

Ransomware attacks are one of the biggest threats on the radar to businesses, from healthcare to QSR, especially since the several high-profile attacks in the last year. One of the most at-risk industries is education; primary school and colleges have been heavily impacted by ransomware threats as they often don’t have the infrastructure to stop or prevent attacks. It appears this gap between attacks and appropriate responses is only growing. A recent Sophos report conducted in February 2022 found that attacks are up across all of education, with 56% of K-12 schools and 64% of higher education institutions reporting a breach in 2021. This is up from 44% of the entire sector being affected by a ransomware attack in 2020.

“The reason why [schools] are in the line of sight is because these education institutions normally have vulnerabilities that can be easily exploited,” said Sai Huda, Founder and CEO of CyberCatch. “They have data and they would have a significant impact from a ransomware attack, let alone a data theft.”

If the Sophos report is any indication, the problem is only getting worse and schools need to invest in the right tools to protect themselves from future hacks. Experts explained that most educational institutions don’t make cybersecurity a priority, and attackers have caught on. The Sophos report reflects this; out of all the sectors studied, “education is the sector least able to stop data being encrypted in an attack,” with higher education reporting the highest data encryption rate at 74%. Hackers understand it’s fairly easy to access ransomable information from schools.

“The data is valuable because it is data about the students, about their parents and families, if they are a higher education institution, they may have research data that is of value to the attackers,” Huda said.

Schools therefore need to build the infrastructure and invest in a variety of resources to prevent their data from being leaked. While doing this can be timely and expensive, it’s likely less expensive than the average $1.5 million it cost educational institutions to retrieve ransomed data.

“[Schools should] get security advice from outside experts as there are organizations and individuals that will provide that on a pro-bono basis,” said Dave Cunningham, Senior Case Manager at Alvaka Networks.

Cunningham also mentions that educational organizations need to realize that there are different levels of security measures and they need to make sure they are implementing one that is high-caliber, proactive and responsive.

When a cybersecurity threat does happen to a school, the Sophos report found it takes them longer to address and stop the issue, usually because there aren’t specific staff members on hand that are trained to deal with this issue. This can amount to months on months of data being held hostage; higher education reported the slowest recovery time from a ransomware attack among all studied sectors, according to the Sophos report. It then costs taxpayers millions of dollars to satisfy the demands of the attackers.

While there are insurance companies that offer cyber liability insurance, it’s just now becoming a more popular solution and is not yet widely adopted. Educational institutions are reported to have below-average cyber insurance coverage, clocking in at 78% while the global average rests at 83%.

Hackers have recently taken on a double-extortion attack method where they not only hold sensitive data hostage under threat of public release, but they lock schools out of their systems all together until a ransom is paid, which includes access to admissions, enrollment, and school records.

The pandemic also opened up a lot of doors for hackers, as daily work projects and communications were suddenly conducted online and often done insecurely. Schools in particular were an easy target and collectively suffered a huge financial loss, upwards of $3.5 billion in 2021.

There are many ways that schools can try to protect themselves from cybersecurity attacks, from proper investment in personnel to more advanced network protection. The most important tip is for school and district administrators to proactively, instead of reactively, insulate against cyber breaches and to understand that even if their school wasn’t affected, the ramifications of being unprepared are enough to motivate investment into well-researched solutions.

Cunningham, who works with organizations to help recover ransomed information, advises for investments into immutable ransomware-resistant back-up solutions, multi-factor authentication for all remote and administrative access, and endpoint detection response software to create more oversight over potential or real-time attacks. Even just these basic investments will go a long way, he said.

“We’ve had eight school districts that have gotten attacked by ransomware that we have been part of helping to recover, and we can say in all eight of those school districts, the basic measures that I just listed off are not in place. And these are considered to be the starter measures, the basics that need to be in place,” Cunningham said.

According to Huda, the five main strategies that educational organizations can use in order to prevent data breaches are…

  • Making sure there is an incident response plan
  • Multi-factor authentication for all users
  • Segmenting their networks
  • Making sure backups are offline
  • Instituting control testing in order to ensure all solutions are in place and working effectively

The time to make these investments is now, Huda explained. His own organization conducted a Small and Medium-Sized Businesses Vulnerability Report during Q1 2022, which included schools in the U.S. and Canada, and found that if organizations don’t make necessary changes, they’ll continue to be at risk from sophisticated hackers.

“75% said they would only survive a ransomware attack three to seven days. 55% either don’t have an incident response plan or it’s outdated, stale, and they haven’t tested it in about a year, which is not effective,” Huda said.

Follow us on social media for the latest updates in B2B!

Image

Latest

summer melt
From Freshmen to Founders: Michigan Students Take on Higher Ed’s Summer Melt Crisis with MeetYourClass
May 29, 2025

A growing number of colleges are struggling to convert applicants into enrolled students—and to keep them engaged through graduation. With Gen Z students relying heavily on familiar digital platforms like Instagram and Discord for social interaction, traditional college tools for orientation, enrollment, and community-building often miss the mark. According to research, between 10 to 40…

Read More
Aviation maintenance
The Future of Flight Depends on Mechanics, Not Machines: How Jets MRO is Solving the Aviation Maintenance Talent Gap
May 28, 2025

Private aviation is booming—but behind the sleek jets and luxury cabins lies a hidden crisis. A looming shortage of qualified aviation maintenance technicians threatens to ground growth. According to Boeing’s 2023 Pilot and Technician Outlook, the industry will need about 690,000 new maintenance technicians by 2042. While private jet usage is skyrocketing, the infrastructure to…

Read More
digital learning ecosystem
Stride at 25: Redefining the Digital Learning Ecosystem for Today’s K–12 Learners
May 28, 2025

As virtual learning matures and school choice accelerates across the U.S.,the 25th anniversary of Stride Inc. offers a moment to reflect on how far the digital learning ecosystem has come and where it’s headed.. Once known as K12 Inc., the company helped pioneer online education at scale. But in a landscape shaped by evolving…

Read More
search
From Search (SEO) to Answers with Generative AI
May 27, 2025

In this episode of The Marketing AI SparkCast, Aby Varma—founder of Spark Novus, which partners with marketing leaders to adopt AI responsibly and strategically—hosts Mike Ensing, Founder and CEO of Revere AI. They explore how LLMs are revolutionizing search, shifting the customer journey, and forcing a new marketing playbook where brand discovery is increasingly…

Read More