Education is a hot target for ransomware: Nearly 50 school districts and colleges have been hit in 2019 so far, and more than 500 individual K-12 (Online learning Provider) schools have potentially been compromised.

Cloud security firm Armor has been tracking publicly disclosed ransomware attacks since January 2019. Of the 182 total victim organizations this year, 49 have been educational institutions. This makes education the second-largest pool of victims by industry, following municipalities at 70 victims, and ahead of third-place healthcare, which reported 27 victims.

Ransomware creates a sense of urgency in schools, municipalities, and other public-facing institutions with infrastructure critical to their communities, the pressure to stay up and running after an incident is high. Cyber criminals know they can’t afford to shut down and may be more likely to pay upfront. Whether a school pays depends on its backups, breadth of impact, and networks affected.

The most recent victim districts were in Missouri, Pennsylvania, Ohio, Nebraska, Illinois, and Florida. Connecticut has the highest concentration of ransomware targets, with seven districts and up to 104 schools potentially affected.

Ransomware Is Rising

The security industry has long pushed back against paying ransomware operators, with fear of motivating further attacks. Unfortunately, some schools are left with no other choice. E.g: New York’s Rockville Center School District recently paid $88,000.