Education MSPs: Wake Up to the Ransomware Challenge


Last year, hackers unleashed a malware attack on the Swedesboro-Woolwich School District in New Jersey, which encompasses four elementary schools with a total of 2,000 students. The attack brought district-wide access to email to a halt, crippled the point of sale system in the schools’ cafeterias, and created a host of other problems, including a need to postpone state-mandated standardized testing. District administrators were told that they needed to pay the hackers 500 Bitcoin (about $125,000 at the time) in order for technology operations to resume.

Meanwhile, in February 2016, hackers reportedly attacked South Carolina’s Horry County School District—the third-largest in the state. According to, the attackers demanded that 22 Bitcoin be paid to their account within seven days, and that it would be “impossible” to recover the District’s files unless the fee was forthcoming. CNN reported that the Horry County School District allegedly paid $10,000 to recover data that was encrypted on 80 percent of its servers, and that the perpetrators had gained access to the network through an old server that was still connected to the Web.

Education has surpassed healthcare as the market sector most targeted by ransomware, reveals a report from security analyst firm BitSight. According to BitSight’s report, 13 percent of education players had been the victims of ransomware attacks on their networks in the last year; these institutions’ access to social security numbers, medical records, intellectual property, research, and financial data of faculty, staff, and students render them prime targets for attacks, the report said. The 13 percent figure compares rather unfavorably with the government and healthcare verticals, in which a respective 5.9 percent and 3.5 percent of entities experienced ransomware attacks during the same time period. The energy/utilities, retail, and finance sectors also fared far better in terms of ransomware attacks within the past year, at 3.4 percent, 3.2 percent, and 1.5 percent, respectively. So if you’re an MSP whose organization works in the education space—K-12, secondary, or both—and you haven’t addressed the issue of ransomware with your clients, you’re not only very remiss in meeting end-users’ needs, but are leaving money on the table.

Here’s what education-focused MSPs need to be doing to try to help education clients out of the ransomware line of fire. In a statement released with the BitSight report, BitSight co-founder and CTO Stephen Boyer deemed establishing email security protocols, monitoring key third-party vendors, tracking security ratings, and avoiding file-sharing effective means of mitigating the risks associated with ransomware. Most, if not all educational institutions—especially K-12 districts—aren’t going to be up for the challenge of handling these issues themselves and can benefit from MSP involvement.

Experts have deemed backup and disaster recovery the most effective protection against ransomware, followed by employee training. Many ransomware attacks occur through e-mail phishing, which means allowing employees in any market to remain uninformed about phishing attacks is a mistake. These are all areas in which MSPs can assist clients in the education vertical.