Coro Cybersecurity received an AAA Rating from SE Labs for Enterprise Advanced Security Protection. Read the report
Coro Cybersecurity

Here's why schools are lucrative targets for cybercriminals

February 1, 2023

Did you know that education was the most targeted industry globally in 2022? The first half of 2022 saw an average of 2297 cyberattacks against educational organizations each week, an eye-watering 44% increase compared to the same period in 20211. It's a worrying picture. But why are threat actors increasingly targeting the education sector? And why should cybersecurity for schools be a top priority in 2023 and beyond? Let's get into it.  

Schools: a perfect target 

Schools and education districts are increasingly finding themselves at the center of malware and ransomware attacks from all corners of the internet. But the question remains, why? It makes sense when large corporations like Uber fall victim to a data breach. Giant companies typically store vast troves of consumer data, plenty of which is immediately valuable to hackers. Examples include credit card information, login credentials, email addresses, phone numbers, full names, and birthdays.  

By comparison, schools might not seem as enticing. They don't immediately come to mind when you think of the industry most likely to be hit with a cyberattack, yet they are. Here's why.  

Schools often have weak cybersecurity 

Cybercriminals aren't solely focused on targeting the most high-profile companies. While threat actors stand to gain a lot from a successful attack against a Fortune 100 company, the probability of executing a successful attack is relatively small. This is because high-profile companies typically have robust cyber defenses and highly-skilled cybersecurity workers.  

By contrast, educational institutions often have limited budgets and can't invest large amounts of resources into cybersecurity. As a result, schools often have weak cyber defenses or unpatched vulnerabilities that hackers can more easily exploit.  

Data theft 

Educational institutions still hold vast amounts of data about students, employees, contractors, and donors, including home addresses, email addresses, full names, and birthdays. Hackers can leverage this data in future social engineering, identity theft, or account takeover attacks.  


Many higher education institutions hold very valuable intellectual property, especially in critical areas like engineering and medicine. Attackers can steal this data, hold it for ransom, or sell it to competitors or other countries.  

Ransomware attacks work 

According to the State of Ransomware in Education 2022 report, 56% of lower education and 64% of higher education respondents had been hit by ransomware in the past year2. And alarmingly, about half of those surveyed admitted to paying the ransom3. When schools pay up, it encourages threat actors to continue hitting the sector with ransomware attacks.  

Cybersecurity for schools: what's next? 

Skyrocketing cyberattacks are putting the education sector under more pressure than ever before, and this trend looks set to continue as cybercriminals sophisticate their techniques. With this in mind, educational institutions must fight back by taking a dedicated approach to cybersecurity. Robust cybersecurity for schools is a must-have in today's increasingly severe cyber threat landscape. Luckily, Coro can help. Our AI-driven platform requires minimal human interaction, making it perfect for busy schools, colleges, and universities. 

Want to learn more about what makes our award-winning platform so unique?