UK Education Sector Suffered Most from Ransomware in 2022

Written by

The education sector in the UK was hit far more by ransomware than in other countries last year thanks to targeting by the Vice Society group, according to Malwarebytes.

The security vendor’s latest findings from April 2022 to March 2023 are based on known attacks where victims opted not to pay a ransom, so the real figures could be even higher.

It revealed that the education vertical accounted for 16% of attacks in the UK compared to 4% in France and Germany, and 7% in the US.

Read more about ransomware attacks on schools: Vice Society Ransomware Campaigns Continue to Impact US Education Sector.

Malwarebytes claimed the primary reason for this disparity was down to Vice Society.

“The UK is one of Vice Society’s favourite targets, accounting for 21% of the group’s known attacks in the past 12 months, a close second to the US which accounted for 23%, and vastly more than the next country, Spain, which accounted for 8%,” it explained in a blog post.

“Sadly, Vice Society’s disproportionate interest in the UK lands squarely on the education sector. Some 76% of Vice Society’s known attacks in the UK over the past 12 months hit the education sector, and Vice Society was responsible for 70% of known attacks on UK education institutions.”

Vice Society uses tried-and-tested tactics in its attacks, such as phishing, compromised credentials and exploits for initial access, and legitimate tooling like Windows Management Instrumentation (WMI) for post-intrusion activity, Malwarebytes explained.

“We can only speculate about why Vice Society has such an appetite for UK schools, colleges and universities, but we know the sector is not exactly awash with money,” the vendor continued.

“In 2021, this author interviewed a number of people involved in providing cyber protection for UK schools. The picture in each was the same: cybersecurity was one responsibility among many being carried by very small numbers of IT staff who were under tremendous pressure and ill-equipped to fight off the attentions of a ransomware gang like Vice Society.”

Overall, the UK suffered more ransomware attacks than any other country bar the US over the past 12 months, although there was a significant gulf in attack volumes between the two. However, when measured by economic output, the two countries are virtually neck and neck, with Canada and Spain the hardest hit globally.

When assessed per capita, the US is once again the most attacked country, followed by Canada, Australia and then the UK, according to the report.

What’s hot on Infosecurity Magazine?