The education sector is especially vulnerable to ransomware attacks over holidays and weekends, according to a global survey of 1,203 cyber defense professionals across sectors by Cybereason, a cybersecurity technology company.

Overall, education cybersecurity professionals were the most likely to report significant negative impacts from a cyberattack occurring over a holiday or weekend compared to a weekday, Cybereason found. In fact, 54% of education IT pros surveyed said “it took us longer to assess the scope of the attack” over a holiday or weekend.

Some 42% of education cybersecurity professionals said they take longer to respond to and stop holiday and weekend incidents compared to those on weekdays. The same percentage — 42% — reported greater financial losses from holiday and weekend cyberattacks.

With the winter holiday break just around the corner, take note: The report found holidays and weekends make education and other sectors particularly susceptible to ransomware attacks because of typically skeletal staff working at those times.
In fact, the recent major ransomware attack on the Los Angeles Unified School District occurred over Labor Day weekend. The attack led to about 250,000 files, some containing sensitive personal data, being leaked on the dark web.

Cybereason’s findings of K-12’s especially high vulnerability come as schools are already strapped for employees and funding dedicated to cybersecurity.
Another new report by the Center for Internet Security, analyzed data from the 2021-22 school year and found, on average, schools spend less than 8% of their IT budget on cybersecurity. In addition, 18% of schools said they use less than 1% of their IT budgets for cybersecurity, the center said.

Schools are also more likely than other sectors to spend more time recovering from a ransomware attack, Cybereason found. On average, 16% of cybersecurity professionals across industries — compared to 25% of those in education — reported taking one to two days to recover. And while 13% of all industry cybersecurity professionals recovered in three to six days on average, 28% of school professionals said they needed that amount of time.

To better protect schools from cyberattacks, experts recommend districts vet new technologies, collaborate with instructional leaders, phase in multi-factor authentication and create a security team.

Get more tips in the winter issue of CASBO’s California School Business magazine that includes a full feature on cybersecurity!