Mar 15 2024

Cyberattacks on Higher Ed Rose Dramatically Last Year, Report Shows

The Malwarebytes annual threat report calls 2023 “the worst ransomware year on record” after attacks spike by 70 percent.

Higher education institutions were once again inundated by cyberattacks in 2023, according to a report from Malwarebytes, which called it “the worst ransomware year on record” for the education sector.

The grim statistics include a 105 percent increase in known ransomware attacks against K–12 and higher education, surging from 129 in 2022 to 265 last year. In higher education specifically, attacks were up 70 percent (68 in 2022 to 116 in 2023). Those numbers are based only on incidents in which a ransom was not paid, the report notes, meaning that the actual number of attacks was probably significantly higher.

While the numbers are staggering, the increase is in line with an overall spike in ransomware attacks, which jumped 68 percent in 2023, Malwarebytes reports.

Click the banner below to learn how institutions can protect themselves against cyber threats.


What Is Driving the Increase in Cyberattacks in Higher Education?

Two ransomware gangs were behind much of the increase, Malwarebytes concludes, with LockBit and Rhysdia, formerly known as Vice Society, responsible for more than 100 attacks. The five most active gangs accounted for 81 percent of all attacks on education institutions.

LockBit, which Malwarebytes describes as the “most prolific ransomware gang throughout 2023,” was taken down by a multinational law enforcement effort in late February, although it’s unclear what impact that will have on future attacks in higher education.

In addition to ransomware gangs, Malwarebytes cautions against an increase in “big game” attacks, which come with weeks of planning and preparation by the attackers and ask for huge ransoms, often with the assistance of Ransomware as a Service code. A Coveware study reports that the global average ransom payment made in the second quarter of 2023 was $740,144, which was a 126 percent jump from the first quarter and by far the highest amount Coveware has reported since at least 2018.

The full Malwarebytes report also spotlights the continued use of malicious advertising (sometimes called malvertising), where cybercriminals impersonate reputable businesses to breach secure networks. Tactics include posing as popular brands or business tools and asking users to download what appears to be legitimate software but is, in fact, malware.

The rise in cyberattacks reaffirms the focus many higher education institutions are placing on security, which again ranked No. 1 on the annual EDUCAUSE Top 10 list of issues facing colleges and universities. In response, institutions are exploring the potential of zero-trust security frameworks, focusing on identity and access management, and even turning to virtual CISOs, among other tactics.

dikushin/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT