Data compiled by BitSight, a cyber security ratings company, is even more staggering. A 2016 report analyzing government, health care, finance, retail, education and utilities concluded that education institutions are most likely to be on the receiving end of a ransomware attack. They are three times as likely to get hit as are the health care sector and more than ten times as likely as financial institutions. Also according to the study, government entities, from local to federal agencies, have the second-lowest security rating and the second-highest rate of ransomware attacks.