September 12, 2023

Research Reveals Education Organizations Faced a Daunting 84% Increase in Ransomware Attacks Over the Past Six Months  

Malwarebytes partners with SETDA and CoSN to bring award-winning endpoint security to IT-constrained schools nationwide 

Santa Clara, Calif. – September 12, 2023 – Malwarebytes, a global leader in real-time cyber protection, released a new report focused on the alarming uptick in ransomware attacks targeting the education sector. The 2023 State of Ransomware in Education shares fresh data and analysis about the threat actors targeting the nation’s schools. In the last year, there were 190 known ransomware attacks against educational institutions, with many more that went unreported. More distressing, the second half of the last 12 months saw an 84% uptick in attacks, with education becoming the most attacked industry overall in the USA over the last 12 months. 

The startling escalation of ransomware attacks paired with the struggle of schools to budget for and find cybersecurity talent tells a dire tale. Data from the 2022 CoSN Ed Tech Leadership Survey1 demonstrates that the availability of specialist cybersecurity positions continues to be low, only “a fifth (21%) of districts have a full-time equivalent employee dedicated to network security, the same percentage as the prior year.” An additional 33% of districts include cybersecurity responsibilities as part of another position in lieu of a full-time assigned staff member. 

“Our schools and educational institutions are under attack from cybercriminals looking to take advantage of dispersed endpoints and often limited IT staff and cybersecurity budgets,” said Robert Elworthy, Senior Solutions Engineer for Education, Malwarebytes. “The cybersecurity industry must step up to help schools and students by providing effective, easy-to-use solutions that can secure devices and data from today’s sophisticated and targeted threats.” 

Education: A Vice Society Target 

The Vice Society ransomware gang is known to focus on education organizations, targeting almost half of its activity (43%) against the sector.  

“Like all ‘big game’ ransomware attacks, a Vice Society attack is not directed at an individual computer but instead uses encryption and data theft to compromise an entire organization,” said Mark Stockley, Cybersecurity Evangelist, Malwarebytes. “Attackers may work for several days, or even weeks, inside a victims’ network before running their ransomware. Because Vice Society may be active on a network for days before running a ransomware locker, it is not enough to simply stop the locker. By the time it’s run, its operators will already have stolen data, taken steps to cover their tracks and will likely have sufficient access to a network to retry their attack.”  

Organizations need to ensure that a security analyst is able to review the path of the attack, close the open access point or vulnerability and eject their tools, account access and backdoors. Malwarebytes offers a managed 24/7/365 service, Malwarebytes MDR, to assist organizations that lack the resources for a fully staffed Security Operations Center (SOC).  

Malwarebytes Partners with SETDA and CoSN 

Malwarebytes is also partnering with the State Educational Technology Directors Association (SETDA) and the Consortium for School Networks (CoSN) to bring its award-winning endpoint solutions to educational institutions nationwide. With a commitment to both designing and pricing its solutions for K-12 education organizations, Malwarebytes will provide special offers and additional support options to the members of these marquee associations. 

To learn more about Malwarebytes for Business offerings for the education sector, including mobile security for Chromebooks and ChromeOS protection, visit:  

To read more about the latest threats and cyber protection strategies, visit our blog, or follow us on Facebook, Instagram, LinkedIn, TikTok and Twitter

About Malwarebytes 
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes’ award-winning endpoint protection, privacy and threat prevention solutions along with a world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe daily. Malwarebytes solutions are consistently recognized by independent tests including MITRE Engenuity, MRG Effitas, AVLAB and AV-TEST (consumer and business). Customers award Malwarebytes for being the most implementable and most usable endpoint protection product with the best results on G2 and Gartner Peer Insights. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.