/Passle/66030b5f24299750fade21de/SearchServiceImages/2025-07-23-18-31-52-613-68812a98896cd4b04272c201.jpg)
A report by Comparitech, a cybersecurity firm that offers guidance to help organizations enhance their online security and privacy, found that ransomware attacks targeting the education sector have increased by 23% compared to the previous year, according to K-12 Dive. In a ransomware attack, malware enters a system through infected websites, vulnerabilities in software, or attachments in emails. After the malware enters a system, it encrypts files which makes them inaccessible to the user. Cybercriminals then demand a ransom payment, commonly in cryptocurrency, to decrypt the data.
Through the first half of 2025, education was the fourth section most targeted for ransomware attacks. Hackers target educational institutions because of gaps in cybersecurity and increased digitization of student and staff data. According to a report from the nonprofit Center for Internet Security, 82% of K-12 schools in the U.S. have experienced a cyber incident between July 2023 and December 2024. In attacks against educational institutions, there is an average ransom demand of $556,000. Earlier this year, a college student plead guilty to allegedly hacking and extorting a student information software provider, PowerSchool, for $2.85 million.
Preventatively, school districts can avoid cyber threats and attacks by investing in cybersecurity insurance. Incorporating multifactor authentication for accessing files can also help prevent ransomware attacks. Pursuant to guidance from the Federal Bureau of Investigation, paying ransoms can encourage further cyberattacks without guaranteeing that stolen data will be returned.
