Ransomware and other attacks continue to be a great threat to schools. Education is an attractive objective for computer pirates due to the level of school data networks of students who often contain.
A new cybersecurity report of travelers, a cyber insurance company, discovered that ransomware attacks increased by 32% of Q3 to Q4 Cybersecurity report of 2025 state of K-12
Randy Rose, Vice President of Operations and Safety Intelligence in CIS, analyzes recent trends in ransomware and cybersecurity, and shares advice on how schools can continue to overcome these attacks and maintain their networks and safe data.
Increased attack attacks “
The “spoiled”, ransomware attacks that obtain entry into school networks through the malicious code hidden in advertisements, have become more common, serving as a vector for malware 63% of the time. These attacks can use irrigation hole Adware attacks, in which the malicious code is placed in the advertisements of accredited sites that teachers or students can commonly visit from their school devices.
“These advertisers tend to be criminal actors who specialize in early entrance, so they get access to systems,” says Rose. “In general, what ends up happening is to rent advertising space, usually through a third party.”
The newspaper advertising space can be sold several times by several accredited companies, but finally, someone accidentally sells a hacker space.
“Then, a couple of layers, you end with a criminal actor who is buying that advertising space, and they are putting malicious code in those ads,” says Rose. “When you visit that website, its browser, which is building the website on the march, is actually executing a code in that announcement. That code is looking for vulnerability in its browser or in its local system.”
The emergence of ransomware groups
The travelers report highlights the emergence of 55 new ransomware groups in 2024. Many of these groups of computer pirates were supported by state-state resources, while others were groups of more affiliated cybernotent outbreaks with complementary skills.
“Ransomware in particular, it is difficult to specifically specify who is doing what, because the actors who are associated with a group may not have a particular loyalty to that group, and could operate under multiple ransomware organizations at the same time,” says Rose. “If I am one of those initial access runners, and I am really good to get access to the networks, I could sell my access to four or five different ransomware affiliates.”
Personalized rescue demands
By hacking groups obtain confidential information about students and teachers, they do not always threaten the school or the district.
“We have seen with a couple of ransomware groups where teachers and students and students are intended specifically, and look for them to try to press schools to pay,” says Rose. “When they go after interested parties, that is an attempt to triple extortion.”
In addition, human vulnerability is often aimed at initial attacks. According to the CEI report, cyber threat actors are directed to human behavior 45% more often than technical vulnerabilities.
Keep safe networks
Rose recommends that schools follow the cis Community Defense Model
“If you place essential security controls instead, you compensate for your risk by 90%,” he says. “Although threats are becoming more sophisticated, you are really preparing for success by focusing on simple tasks.”
In addition to the action, such as ensuring that there is a backup out of the data line and that all applications are regularly updated, culture is important, particularly a culture that does not stigmatizes the reports of possible hacks.
“Some of the best directors of information security and IT directors who know that they really do not have a trial, there is no punishment policy,” he says. These technology school leaders let their interested parties know that they can “come to us and share the things that are happening, and we will work together,” he adds. “You are not going to get into trouble to highlight a security problem with us.”
NEWSLETTER
