Ransomware Costs Schools Nearly $550,000 per Day of Downtime

  • By Gladys Rama
  • 09/13/24

New data from cybersecurity research firm Comparitech quantifies the damage caused by ransomware attacks on educational institutions.

Since 2018, the company has clocked nearly 500 separate ransomware attacks aimed at schools and universities in the United States, affecting the data of over 6.7 million individuals.

It found the average ransomware demand is $1.4 million, though the average ransomware payment is leagues smaller, less than $170,000. 

On average, each of these ransomware attacks caused nearly 11 days of downtime, with each missed day costing schools nearly $550,000.

All told, according to Comparitech's data, ransomware has cost the U.S. education system over $2.5 billion since 2018.

The ransomware landscape was particularly rough in 2023, which had a record-breaking 121 attacks. However, 2024 — at least, so far — has provided a slight reprieve. The rate of attacks this year has considerably slowed, and both the duration and cost of downtime have seen a noticeable decline.  

"Hackers often target schools in the latter part of the year, so it's possible we will see an uptick in ransomware attacks on educational institutions for 2024, but it's unlikely the figures will reach 2023's high," Comparitech said in a post detailing its findings.

However, the company warned that attackers seem to be more discerning, increasingly going for institutions with bigger budgets and larger troves of student data. With attacks becoming more sophisticated and targeted, Comparitech urged readiness.

"With the threat of ransomware attacks across the U.S. and worldwide remaining high across all industries, it's never been more important to ensure employees are clued up, systems are updated, and frequent backups are being carried out," it said.

About the Author

Gladys Rama (@GladysRama3) is the editorial director of Converge360.

Featured

  • Federal Ban of Kaspersky Sales Cites 'Unacceptable' Security Risk

    Effective this fall, the United States government has ordered a ban on all sales of Kaspersky Lab software to businesses and private citizens due to concerns about cyber espionage.

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • abstract representation of equity at the core of AI

    Why Equity Must Be a Core Part of the Conversation About AI

    AI is an immensely powerful tool that can provide customized support for students with diverse learning needs, tailoring educational experiences to meet student’s individual needs more effectively. However, significant disparities in AI access and digital literacy skills prevent many of these same students from fully leveraging its benefits.

  • A glowing blue shield at the center, surrounded by digital lines and red dots

    Cohesity Adds CrowdStrike Threat Intelligence to Data Protection Platform

    Data security provider Cohesity has integrated CrowdStrike threat intelligence to its flagship data protection platform.