14 DAY TRIAL // Six out of ten UK universities admitted to falling victims to ransomware attacks, according to mobile security firm SentinelOne, who has sent Freedom of Information (FOI) request to 71 institutions across Britain.
The company says that 13 universities refused to answer its request for information, claiming the response would damage their commercial interests.
Of the 58 that answered, SentinelOne says that 63 percent admitted to suffering ransomware infections, with 58 percent admitting the attacks occurred in the past year.
No UK university paid ransom demands
None of the affected institutions publicly admitted to paying the ransom, saying they dealt with the problem internally, but not providing any other details.
Of the 63 percent of all universities admitting to ransomware infections, 65 percent admitted to being hit multiple times. The Bournemouth University said their IT system was infected a whopping 21 times in the past year alone.
Only four universities revealed how much the ransom note was. The same Bournemouth University said the attackers asked for $100, the University of Bath said the attackers asked for 2 Bitcoin ($1,315), and the Brunel University and Bath Spa University said the attackers demanded 5 Bitcoin ($3288).
The highest ransom demand ever paid was recorded in Canada earlier this year, when the University of Calgary paid $15,500 to recover data locked on its computers.
Ransomware authors actively targeting larger institutions
The ferocity with which crooks are targeting universities is not surprising. Security vendors have noted a general shift in ransomware distribution in recent months.
Crooks have adapted operations from massive spam campaigns that target random home users to targeted attacks aimed at large institutions.
Attackers get in by compromising a computer on the university's network, via spear-phishing, RDP attacks, or other types of intrusions. They then manually deploy specially adapted ransomware that actively seeks out targets on the local network and encrypts as much of a company's computers as possible.
Ransomware authors strive to compromise these organizations, mainly because they know they can request a higher ransom demand, mainly because of the large amount of sensitive data stored on the infected computers.
For these reasons, having security solutions and backup software in place is a must especially at a larger organization. According to Sentinel One, not everybody follows these recommendations. For example, the renowned Oxford University and Kings College London admitted to not having any antivirus software installed.
