Universities and NHS trusts in England have been hit hard by ransomware in the last year, according to Freedom of Information requests carried out by two cybersecurity firms.
By Zoe Kleinman, Technology reporter, BBC News
Bournemouth University, which boasts a cybersecurity centre, has been hit 21 times in the last 12 months.
Twenty-eight NHS Trusts said they had been affected.
Ransomware is a form of computer malware which encrypts files and then demands a ransom for their release.
It can travel via email or hide in downloadable files and programmes from corrupted sites and applications, and the ransom is usually payable in bitcoins.
Cybersecurity firm SentinelOne contacted 71 UK universities. Of the 58 which replied, 23 said they had been attacked in the last year.
None of them said it had paid a ransom but the largest sum demanded was five bitcoins (about $2,900 or £2,200), the firm said.
Only one university had contacted the police.
According to the report, two of the institutions said they did not use anti-virus software. Both have been contacted for comment.
Bournemouth University confirmed the attacks but said: “It is not uncommon for universities to be the target of cybersecurity attacks; there are security processes in place at Bournemouth University to deal with these types of incident.”
It added that there had been “no impact” on its activity as a result of the attacks.
In a separate study, security firm NCC Group asked every NHS Trust in England whether it had been a victim of ransomware.
Of the 60 responses, 28 said they had experienced an attack, one said it had not and 31 declined to comment on the grounds of patient confidentiality.
“Paying the ransom – which isn’t something we would advise – can cost significant sums of money, yet losing patient data would be a nightmare scenario for an NHS Trust,” said Ollie Whitehouse, technical director at NCC Group.
Ransomware on the rise
According to the US government, ransomware attacks in America have increased in frequency by 300% year on year in 2016, with 4,000 incidents a day now being reported.
It advises that “prevention is the best defence” and suggests the use of spam filters, firewalls, anti-virus programmes and employee training for businesses – as well as regular data back-ups.
If a computer is infected it should be removed from any network and switched off as soon as possible.