180 ransomware attacks plague education sector worldwide in 2025 through Q3
Dive Brief:
The education sector saw 180 ransomware attacks worldwide in the first three quarters of the year — a 6% year-over-year increase from the 170 attacks recorded in 2024, according to Comparitech data released Thursday. The findings include both confirmed and unconfirmed attacks.
Most of the 2025 ransomware attacks — 95 out of 180 — were in the U.S. Some 35 of those 95 attacks have been confirmed by the targeted schools so far. The number of confirmed attacks is expected to climb in the coming months, as breaches are often reported some time after an attack.
Still, the past two quarters marked the first dip in attacks since the start of 2024, which could indicate "a more positive outlook for the education sector," according to Comparitech, a cybersecurity and online privacy product review website.
Dive Insight:
The ransom demand across all 180 attacks globally averaged $444,400.
"This definitely isn't the time to get complacent," said Rebecca Moody, head of data research at Comparitech, in an email to K-12 Dive on Thursday. "These attacks, and their subsequent breaches, remain a dominant threat. That's why it's imperative schools and colleges of all sizes take key steps to try and mitigate their risks."
Many of the confirmed attacks resulted in systems going offline, leading to network disruptions and classes being cancelled for days or weeks. The incidents led to stolen data more often than not, with an average of 2.6 terabytes worth of data stolen per attack.
In South Carolina’s Cherokee County School District, for example, a confirmed March attack affected systems for around a week and resulted in 624 gigabytes of data allegedly stolen. Last month, the school district reported that data from 46,000 people was impacted.
A 2023 Comparitech report estimated the cost of ransomware attacks on K-12 and higher education institutions globally at over $53 billion in downtime between 2018 and mid-September 2023.
To prevent ransomware attacks, Moody said schools should keep systems up to date, patch vulnerabilities as soon as they're flagged, and conduct regular cybersecurity training for employees.
"A worst-case scenario plan should also be in place because, as gangs continue to exploit vulnerabilities via third parties, even schools with the best cybersecurity standards can be left vulnerable if the third parties they're working with are targeted," said Moody.
Likewise, cybersecurity experts suggest that school districts implement phishing tests, establish a backup network and tap into state and federal support such as cybersecurity advisors to prevent and respond to ransomware attacks.
Phishing, which often seeks to trick staff into revealing login credentials, tends to target employees with access to sensitive data more often than others, such as those working in human resources, business offices, the superintendency and other administrative roles.