Texas, California, New York, Louisiana, Missouri lead list of states with most ransomware attacks on schools: report

A Comparitech study tracked more than 220 ransomware attacks on schools in the US since 2018.

Comparitech has released a new study on the number of ransomware attacks affecting schools, colleges and universities since 2018, finding the most amount of attacks in the country's most populous states like Texas, New York, California and Louisiana. 

Researchers Rebecca Moody and George Moody found that there have been a total of at least 222 ransomware attacks affecting 3,880 schools and colleges since 2018. They estimated that these attacks cost educational institutions billions in downtime and in ransom payments as ransomware groups targeted bigger school systems throughout the COVID-19 pandemic. 

In 2020 alone, Comparitech researchers tracked 77 individual ransomware attacks that affected more than 1,740 schools and colleges, "potentially impacting 1.36 million students," according to their data.

ZDNet Recommends

The best cyber insurance

The cyber insurance industry is likely to go mainstream and is a simple cost of doing business. Here are a few options to consider.

Read More

"Schools and colleges have suffered an estimated 1,387 days of downtime due to ransomware attacks with around 9,525 days spent on recovery efforts. 22 schools/colleges revealed the amount involved in their recovery efforts with nearly $19.2 million spent by these entities in total," the researchers explained. 

"This is an average of nearly $960,000. Ransom requests varied from $5,000 to $40 million. Hackers have received at least $2.95 million in ransom payments with the average payment being $268,000. Hackers have requested at least $59.1 million in ransom payments with the average request being $2.47 million."

According to the data collected by Comparitech, Texas suffered the most attacks with 19 since 2018 affecting 439 schools serving more than 300,000 students. California was second with 18 attacks affecting 288 schools, followed by New York, which saw 16 attacks impacting 138 schools, and North Carolina, which dealt with 10 attacks targeting 87 schools. 

Louisiana, Connecticut, Illinois, Missouri and Mississippi also saw a high number of ransomware attacks affecting their educational institutions. 

For 2021, Texas has led the way with 4 ransomware attacks, followed by Mississippi, California, Missouri and New York, which all had three from January to June this year.

In 2020, the 77 ransomware attacks tracked by Comparitech led to an average of seven days of downtime and more than 55 days recovering from the attack.

"Nevada had the highest number of impacted students in 2020 with 328,991 students affected by one single breach. Hackers targeted Clark County School District, which is the fifth-largest school district in the US with 374 individual schools. As the county didn't pay the requested ransom, the hackers (Maze) dumped student records," the report found. 

"The data breach report filed says 44,139 students were thought to have been affected by this aspect of the attack. The county and its staff and students also faced ongoing system disruptions in the month that followed. Due to its larger number of attacks, Texas also had a high number of students affected–245,460 in total. This was closely followed by Virginia (195,408) and Maryland (115,038)."

The report lists dozens of attacks on school districts -- Somerset Independent School District, Union Community School District, Athens Independent School District and Affton School District to name a few -- as well as attacks on university systems or colleges like The University of California San Francisco, which paid $1.14 million to NetWalker hackers, Imperial Valley College which paid Sodinokibi hackers $55,068 and The University of Utah, which paid a ransom of $457,000. 

There have already been at least 39 reported ransomware attacks on educational institutions this year, and these figures do not include the Kaseya attack, which affected a number of universities tangentially.