When it comes to cyberattacks, especially ransomware, education has become cybercriminals' most-targeted industry. Through the first half of 2025, education organizations — including universities and colleges — have faced a sharp increase in attacks, weathering an average of 4,356 attacks per organization each week, which represents a 41% year-over-year increase, according to Check Point This increase in attacks has coincided with a change in ransomware tactics by attackers.

But the threat is evolving.

“In the past 18 months, we’ve seen an evolution in how ransomware attacks are occurring,” explains Matt Trudewind, cybersecurity architect for U.S. Public Sector at NetApp. “The typical data lockout approach has evolved into a data breach or data exfiltration type of attack. The attacker not only encrypts data to deny access, they then move the data to an offsite location accessible by the attacker. Then, the attacker threatens to publicly release data if the ransom is not paid.”

DISCOVER: Better protect your data by finding the right NetApp solutions for your organization.