According to the fifth annual Sophos State of Ransomware in Education report, educational institutions are showing notable progress in their fight against cyber threats, yet continue to face new challenges and stress for IT teams.
Progress Against Ransomware
The new Sophos report states that the education sector has achieved significant success in protecting against ransomware, evidenced by reduced ransom payments and improved data recovery rates. Over the past five years, ransomware has emerged as one of the most serious threats to education, with primary and secondary schools regarded as 'soft targets,' often lacking sufficient funding and staffing.
Gaps and AI Threats
Despite improvements, serious gaps remain. 64% of victims reported insufficient protection, and 66% noted a lack of specialists to prevent attacks. Notably, attacks on educational institutions also employ AI-based methods, making them even more dangerous, such as:
- 22% of attacks were initiated through phishing.
- 35% of vulnerabilities in higher education institutions were unnoticed.
Recommendations for Improved Protection
To maintain the progress made in combating ransomware, Sophos experts provide several recommendations, including:
- Focus on attack prevention; gaps in protection must be closed.
- Secure funding, including the use of government subsidies to strengthen network security.
- Coordinated strategies to improve protection efficiency.
- Enhance incident readiness through regular drills and robust response planning.
Thus, despite significant achievements in protecting educational institutions from ransomware, continued efforts are necessary to identify and address vulnerabilities to prevent potential attacks in the future.
