Colleges and universities have become prime targets for cybercriminals due to the valuable data they house and the potential for financial gain through extortion. A recent study by Sophos found that higher education organizations were the most targeted sector in 2023, with nearly 80% of surveyed institutions reporting being hit by ransomware.

In this article, we’ll explain how a college ransomware attack happens and what higher education institutions should do to protect student and staff data, as well as how you can be prepared in case your child’s college is targeted.

What Does a Ransomware Attack Entail?

Ransomware is a type of malicious software used by cybercriminals to encrypt the victim’s data and demand payment for decryption, either in the form of cryptocurrency or another payment method specified by the attackers.

Ransomware payments cost businesses and education institutions across the world millions in losses each year—yet these attacks remain hard to detect and often go unpunished. That’s why anyone with valuable digital information needs to take steps towards safeguarding their system against this threat.

Why Is College Ransomware Common?

[Image suggestion: A professor looking at a computer screen with a ransomware message displayed on it]

Colleges are a prime target for cybercriminals because they often have limited cybersecurity resources and store a wealth of sensitive data, such as:

• Student records with personally identifiable information (PII) like names, addresses, Social Security numbers (SSNs), and academic transcripts
• Financial information
• Research data
• Staff data

This information is valuable to ransomware attackers, who can sell it on the dark web or use it to extort the college for a ransom payment.

How Does a College Cyberattack Occur?

A ransomware attack in college can happen in various ways, but some of the most common methods include the following:

Method	How It Works
Phishing emails	The goal of phishing emails is to trick the recipient into clicking on a malicious link or opening an attachment that will infect the recipient’s computer with ransomware. For example, a phishing email might be disguised as a message from a college professor or administrator asking the recipient to click on a link to view a grade or download a document
Malicious websites	These websites are designed to infect visitors’ computers with ransomware. They can be disguised as legitimate websites, such as college portals or social media platforms. For example, a student might visit a malicious website that looks like the college library’s website but is actually designed to install ransomware to their computer
USB drives	USB drives infected with ransomware can spread the malware when plugged into computers. This is a common way for ransomware to be spread in colleges, where students and staff often share USB drives. For example, a student might plug a ransomware-infected USB drive into a computer lab device or library computer, spreading the malware to other computers on the network
Outdated software versions	Any new system vulnerabilities can’t be found and addressed when using outdated software. This can help ransomware attackers access systems more easily. For example, they might exploit a vulnerability in a college’s student information system to gain access to student records

Examples of Ransomware Attacks in College

A ransomware attack can have a devastating impact on a college or university. It can disrupt learning, damage the institution’s reputation, and lead to financial losses. In some cases, ransomware attacks have forced colleges and universities to close for days or even weeks. Here are a few examples of college ransomware attacks in the U.S. that affected the operations of various higher education institutions:

• In 2020, the University of Utah was targeted by a ransomware attack that encrypted the university’s data and disabled access to certain online systems, including student emails and some course websites. The university paid a ransom of $457,000 to recover the data
• In 2021, Howard University was hit by a ransomware attack that encrypted its data, with the attackers demanding a ransom payment of $6 million. The university refused to pay the ransom and was able to recover its data from backups. However, the attack caused significant disruption to the university’s operations
• In 2016, the University of Calgary experienced a “SamSam” ransomware attack that encrypted critical research data. The institution paid an estimated $20,000 to the hackers to restore access
• In 2020, the University of California, San Francisco (UCSF) was hit by a ransomware attack that encrypted its data, with a demanded ransom payment of $1.14 million. The university paid the ransom to recover its data quickly and minimize the disruption to its operations

Steps To Prevent College Ransomware Attacks

[Image suggestion: An image of a digital lock or padlock symbolizing data encryption]

College networks are particularly vulnerable to cyberattacks due to an abundance of connected devices. Here are a few tips to help protect against a college cyberattack:

1. Keeping systems and software updated
2. Educating staff on cyber threats
3. Implementing strong access policies
4. Monitoring for suspicious activities
5. Using reliable antivirus solutions
6. Encrypting important data
7. Encouraging parental involvement

Keeping Systems and Software Updated

One major step toward greater security is keeping all systems and software updated with the most current versions available. This helps ensure that any bugs or gaps in the system are plugged before they become vulnerable to malicious software. Additionally, college institutions should make sure that firewalls and other security protocols are in place for maximum protection and scan their systems regularly to check for any suspicious activity.

Educating Staff on Cyber Threats

Educating college staff on cyber threats and safe digital practices is a key step in preventing ransomware attacks. Staff need to be aware of the dangers and understand the techniques they can use to mitigate risk, including:

• Staying vigilant for phishing emails
• Exercising caution when downloading files from unknown sources
• Backing up data regularly to reduce the impact should an attack occur

Implementing Strong Access Policies

Strong access policies are essential in preventing college ransomware attacks. Universities should create unique passwords for each of their employees and limit the use of common passwords across multiple accounts.

Additionally, automatic logouts after a certain period of inactivity must be implemented to help reduce unauthorized access attempts from malicious individuals. Finally, regular phishing simulations should test how aware the staff is of the importance of safeguarding access.

Monitoring for Suspicious Activities

Colleges need to stay vigilant over the looming threat of ransomware attacks. Intensive and regular monitoring for any suspicious activities can prove helpful in this regard—this includes staying alert to unauthorized access, phishing attempts, suspicious emails, and other forms of cyberattack.

Actively scanning networks and systems for unusual activity helps identify possible points of entry promptly and reduce the risk of attackers exploiting them. 

Using Reliable Antivirus Solutions

Regardless of a school network’s size and complexity, reliable antivirus solutions are key to defending against threats and ensuring data security. College IT departments must take proactive steps such as regularly updating virus protection software and patching vulnerable software applications. In addition, limiting access to privileged individuals only can greatly reduce the chances of successful cyberattacks. Security measures need to be dynamic and responsive to stay current with rapidly changing threats.

Encrypting Important Data

College ransomware attacks pose a significant threat to data privacy and security. To avoid compromising vital information, it’s important to encrypt essential data, such as research papers, academic records, personal information, and financial records, using secure protocols like BitLocker or GPG.

Encouraging Parental Involvement

While colleges should fulfill their part in ensuring the security of children’s and staff’s information from potential cyberattacks, students and their parents should shoulder their share of responsibility in this critical endeavor, too. Statistics show that a child’s identity is stolen every 30 seconds, and investing in an identity protection service like FreeKick can give you peace of mind knowing that your college-aged child’s identity is protected 24/7.

FreeKick—Reduce the Risk of Identity Fraud and Build Your Child’s Credit

Powered by Austin Capital Bank, FreeKick provides a comprehensive set of services that monitor, safeguard, and restore the identities of your whole family. FreeKick offers identity monitoring services for up to two parents and six children aged 0 to 25. But there’s more—FreeKick also provides credit-building features for children aged 13 to 25.

Identity Protection Services

To help reduce the chances of identity theft, FreeKick has implemented a comprehensive set of security features for adults, as well as security measures tailored for minor children.

Services for Adult Children and Parents	Services for Minor Children
Credit profile monitoring SSN monitoring Dark web monitoring for personal information Up to $1 million identity theft insurance Full-service white-glove concierge credit restoration Lost wallet protection Court records monitoring Change of address monitoring Non-credit (Payday) loan monitoring Free FICO® Score monthly FICO® Score factors Experian credit report monthly	Credit profile monitoring SSN monitoring Dark web monitoring for children’s personal information Up to $1 million identity theft insurance Full-service white-glove concierge credit restoration Sex offender monitoring—based on sponsor parent’s address

Parent-Sponsored Credit Building and Credit Profile Monitoring

FreeKick goes beyond ID monitoring by providing an automated credit-building feature to help your children establish a solid financial foundation from a young age. This feature can help your children develop good credit habits and build a strong credit score, which can possibly save them more than $200,000 in loans and interest over their lifetime.

FreeKick makes credit building easy—as a parent, you can select Activate Credit Building in your account dashboard once your child turns 13. Children can select Activate Credit Reporting once they turn 18 (19 in Alabama), as credit bureaus don’t allow reporting for minors. Once credit reporting is activated, a credit account for $1,000 will be reported to all three major consumer credit bureaus:

• Experian
• Equifax
• TransUnion

Here’s a quick breakdown of how the process works:

1. Create a FreeKick Account—Visit FreeKick.bank and select the plan that suits your budget
2. Set It and Forget It—Once you’ve initiated credit building, FreeKick will establish a 12-month credit history for your child through a no-interest installment loan
3. Keep Growing—After the initial 12-month term, you can choose to renew your account to further enhance your child’s credit score

FreeKick Pricing

FreeKick offers various pricing options to choose from depending on your needs and budget. All plans come with FDIC insurance coverage of up to $250,000.

Deposit	Annual Fee
$3,000	$0 (Free)
No deposit	$149

Take the first step in securing your children’s financial future and enhancing identity security for your family—sign up for FreeKick today.