Why colleges are being targeted with ransomware attacks?

Due to the onset of the pandemic, many types of ransomware attacks unfolded.

Why colleges are being targeted with ransomware attacks?

(Representational Image: iStock)

Malware especially ransomware has existed for decades. However, it has become one of the most financially devastating and serious threats to organizations including colleges and universities. Due to the onset of the pandemic, many types of ransomware attacks unfolded. It results in serious consequences and losses for education institutions.

According to the findings of a recent survey, nearly half of all education institutes across the globe were targeted by ransomware in 2020, out of which 58% of institutions shared cybercriminals succeeded in encrypting their data.

In a typical ransomware attack, hackers usually attack higher education institutions that inherently store an enormous amount of confidential student data, research data or any type of system that is valuable for the institution. In such cases, the institutions are left with just a few choices – either to pay a ransom to the hacker, have a highly competent cyber security team to break the encryption or restore the data.


Therefore, to avoid adverse consequences of a ransomware attack, even the smallest of education institutions must look into the opportunities that cybercriminals use to attack higher institutions.

Unsafe devices

Due to the emergence of online learning, threats in cyberspace became more common. Unlike institutions, the systems and home networks do not provide firewalls or increased protection. As a result, they are considered more susceptible and are exposed to increased cyberattacks. Cybercriminals find opportunities to defraud schools, steal sensitive information or student data for a successful ransomware attack to extort money.

Therefore, institutions must help teachers and students practice safe behaviour online in order to protect themselves from ransomware attacks. Data encryption, complying with institutions’ cyber protocols, safeguarding the devices and networks, practicing data backup and strong password security make initial steps to take in cybersecurity.

Victim organizations complying with criminals

To continue with student learning, education institutions were enforced to shift to online/remote learning models. At the same time, institutions that faced ransomware attacks also suffered from the pressure of quickly restoring their networks. As a result, the victim organizations have to comply with cybercriminal demands. For instance – a school in Texas lost its systems’ access and student and staff’s data. In order to regain access and stop the sensitive data from being published, the school had to pay $547000 to ransomware attackers in 2021.

Across Europe, America, Asia- Pacific and Central Asia, the Middle East and Africa, the education sector faced the highest level of ransomware attacks in 2020. According to a survey – the total bill for rectifying a ransomware attack including the downtime, time of human resources involved, device and network cost, ransomware paid and many others constituted $2.73 million – highest across sectors.

Shift to online learning platforms

With an enormous number of education institutions moving to online and video conferencing platforms to conduct classes, the risk of cyber threats has emerged like never before. The ransomware attacks have become more sophisticated to lure the staff and students with harmless-looking weblinks, webpages and attachments.

With technology being incorporated across the education sector, one of the most popular cyberattacks includes ransomware by creating a copy of the original website or application where students and staff can enter their personal information and other sensitive data. On the other hand, in a majority of cases, ransomware attackers block the access of victims to their system or network even after they have paid the ransom.

Baiting opportunities / social engineering attacks

The trend of social engineering attacks is gaining huge popularity in the cybercrime space. During the pandemic, the entire world suffered from an economic slowdown, salary cuts and layoffs. The cyber attackers took advantage of the scenario by using emotional appeal to create a sense of excitement and curiosity to bait students and staff to provide sensitive information.

For instance – cybercriminals can launch phishing campaigns to pose as school staff and ask students to submit information about COVID vaccination from which the attackers can use confidential and personal details of the students for malicious activities.


Cyberattacks increasingly became common with the widespread adoption of technology. However, the bottom line is to educate teachers and students and have a working strategy in place to prevent the attacks.

(By Karmesh Gupta, CEO and Co-founder, WiJungle)