According to new data, the education sector now ranks as the most-targeted industry by ransomware attacks. In a recent report, security firm BitSight analyzed the growing ransomware threat across nearly 20,000 companies over the last 12 months. Researchers found that organizations in education had the highest rate of ransomware – with at least one in 10 experiencing ransomware on their networks – followed by government, healthcare, energy/utilities, retail and finance. Of the companies analyzed, 67 different government organizations (such as law enforcement groups and federal agencies) had been impacted by ransomware. Meanwhile, 133 healthcare organizations were also targeted and over 115 companies in finance.
Source: BitSight, The Rising Face of Cyber Crime: Ransomware Overall, the rate of ransomware has more than tripled, and in some cases increased tenfold, for many industries over the last 12 months, said BitSight.
“Although the media typically considers ransomware primarily a Healthcare problem, it is evident that schools and universities, retailers, government agencies, and energy/utilities companies should also be on the lookout,” warned BitSight.
In addition, the report highlights the prevalence of different strains of ransomware across industries. More than 11 percent of the education industry had the Nymaim Trojan on its networks, and nearly four percent had Locky – a new strain discovered earlier this year. Both Nymaim and Locky were the top two ransomware strains seen across all six industries, with the latter being more prevalent in retail and finance companies. On September 15, the FBI issued a public service announcement urging ransomware victims to report infections to law enforcement. “The FBI is urging victims to report ransomware incidents regardless of the outcome. Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases,” read the PSA. The FBI added that knowing more about victims and their experiences with ransomware will help the agency determine who is behind the attacks and how they are identifying or targeting victims. BitSight co-founder and CTO Stephen Boyer gave several recommendations for protecting against the risk of ransomware infections:
“Establishing email security protocols, monitoring key third-party vendors, tracking security ratings and avoiding file sharing are all ways to mitigate risks associated with ransomware.”
For more information on how to protect against the growing ransomware threat, check out this video:
