Ransomware attacks against the US schools are on a surge, experts say threat actors are actively targeting schools as classrooms switched to remote learning last year.
According to tallies by Emsisoft and Recorded Future – cybersecurity firms known for tracking and investigating ransomware attacks – almost 1,000 schools across the United States have suffered a ransomware attack this year.
Threat actors targeted 985 schools across 73 school districts and it’s very likely there are some schools that are missing from the list, meaning the total number of victims is likely higher than 1,000, said Brett Callow, a researcher at Emsisoft.
The list shared by Callow includes high-profile schools such as the Mesquite Independent School District in Texas, which comprises 49 different schools; the Haverhill Public Schools in Massachusetts, which comprises 16 schools; and the Visalia Unified School District in California, which comprises 41 schools.
“There is a huge jump in ransomware attacks hitting schools starting in 2019 and that trend is accelerating,” Allan Liska, cybersecurity researcher at cybersecurity firm Recorded Future told Motherboard in an online chat.
There is no denying that 2021 is the year of ransomware but there are some good stories too. Earlier this year, when threat actors targeted the Affton School District in Missouri, the district had to cancel classes for a day out of precaution, but the attackers were not able to encrypt any critical computer or system, as the entire school was operating on Google’s cloud, according to Adam Jasinski, the district’s head of IT.
“While school districts are falling victim to ransomware at the same rate as ever, it seems that fewer large districts are now being hit. And that could be cause for hope,” Callow told Motherboard in an email. “If larger districts have been able to up their security game, smaller districts can too. We just need to work out what shortcomings exist and ensure they have the resources to address those shortcomings.”
“The increased efforts by governments, law enforcement, and private-public sector initiatives seem to be paying off and we’re seeing more wins. Cybercrime operations are being disrupted, and their revenue streams are being disrupted which, combined, alters the risk/reward ratio and will hopefully disincentivize attacks,” he added.