Ransomware attacks against the education sector have become increasingly prevalent, resulting in growing data recovery challenges among impacted schools and universities, reports ZDNet.
Schools and higher-education entities hit by ransomware attacks paid average ransoms of $1.97 million and $905,000, respectively, but providing ransom payments only resulted in the restoration of 61% of stolen data, according to a report from Sophos.
"Schools are among those being hit the hardest by ransomware. They're prime targets for attackers because of their overall lack of strong cybersecurity defenses and the goldmine of personal data they hold," said Sophos Principal Research Scientist Chester Wisniewski.
Such vulnerabilities should prompt the education sector to leverage both threat prevention and monitoring mechanisms, including the application of software patches and updates, as well as the implementation of multi-factor authentication, Wisniewski noted.
"It is essential to have these tools monitored on a 24/7 basis to respond to alerts and thwart attackers before they get a foothold. Too often we see that security tools were ringing the alarm bells, but no one was listening until the worst was already done," he added.
Malicious QR code messages have also been increasingly leveraged to compromise the sector, with Office 365 used to send over 15,000 of such messages to education entities, a Microsoft Threat Intelligence report showed.
While DumpForums claimed to have infiltrated the company's corporate GitLab server, mail server, and software management services, Dr. Web emphasized that the incident had not resulted in any customer data compromise.
Misconfigured Magento or OpenCart instances may have been targeted to facilitate the deployment of Mongolian Skimmer, which uses various event-handling methods to ensure extensive compatibility while hiding malicious activity with heavy Unicode character utilization.