One university in the United Kingdom suffered 21 separate ransomware attacks over the past year, according to researchers at endpoint security firm SentinelOne.
BBC reports that SentinelOne sent out Freedom of Information (FOI) requests to 71 universities in the UK. Of the 58 that replied, 23 said they had weathered a ransomware attack in the past year.
One of those was Bournemouth, a university with a cyber security unit, which confirmed to the BBC that it had been attacked 21 times in the past 12 months:
"It is not uncommon for universities to be the target of cybersecurity attacks; there are security processes in place at Bournemouth University to deal with these types of incident."
A spokesperson for the university went on to state the attacks left no lasting impact on its systems.
Most of the universities affected by ransomware said they were attacked despite having anti-virus solutions installed on their networks. SentinelOne did find, however, that two universities didn't have any installed AV products whatsoever.
Only one university contacted the police following an attack, which might suggest the UK ransomware epidemic is more widespread than we are led to believe.
Once the ransomware hit, attackers demanded ransom payments from the universities ranging in value from £77 to £2,299 (5 BTC, or about 2,900 USD). None of the victims paid the ransom.
Even so, sometimes it only takes one success story, such as the Hollywood Presbyterian Medical Center's ransom payout of 17,000 USD, to incentivize attackers to raise their ransom demands.
Gianluca Stringhini, assistant professor in the Department of Computer Science at UCL, knows that tendency to be true. As quoted by Infosecurity Magazine:
"Email addresses for staff are often in the public domain which means that potentially the entire staff could be targeted at once, increasing the chance for successful infections. It could also be that they’re motivated by instances of other institutions reportedly paying out the ransom demands. All these factors combined underline the need for vigilance in the face of this increasing threat, from opening email attachments, to updating systems and back-ups for data."
Ransomware is commonly linked to phishing attacks. As a result, one of the best ways universities and other organisations can protect themselves against a ransomware infection is by training their employees to avoid phishing attacks.
That task begins with Metacompliance, a provider of Simulated Phishing, cyber security eLearning, and Policy Management software. Its solutions help educate employees about common security threats, including ransomware and phishing attacks.
Learn more about how Metacompliance can help you protect your organisation against phishing and ransomware.