As with almost every industry, COVID-19 has required educational institutions to embrace digital technology for remote learning and student, teacher, and internal administrative meetings and collaboration.
Web applications are adapting the learning experience, and streamlining the way educational institutions work. K-12, college, and university campuses are increasingly reliant upon these digital technologies.
While campus IT departments work hard to accommodate the diverse needs of users, IT complexity has created many challenges. Cybercrime is up, and no school or university is immune. The new “learn from anywhere” environment has dramatically increased the number of remote students, faculty, and administrators, who are on the frontlines of a growing cyberwar.
Ransomware attacks on higher education institutions are increasing
Ransomware attacks have increasingly targeted colleges and universities. Cybercriminals have been exploiting security vulnerabilities that have propagated, as attack vectors have expanded with users accessing software and files from remote data centers, clouds, and SaaS facilities.
Last March, the FBI’s Cyber Division sent out an advisory notice warning of cybercriminals using malicious software called PYSA ransomware targeting educational institutions, and successfully extorting money. PYSA is one of many ransomwares, like NetWalker, Clop, Ryuk, DoppelPaymer, and others used in attacks against K-12 schools and colleges.
In July of 2020, the University of California, San Francisco, paid $1.14 million to cybercriminals who encrypted and threatened to publish stolen sensitive information. UCSF, Michigan State University, and Columbia College Chicago were targeted with the same ransomware, as was the University of Utah, which paid $457,000 in ransom.