National Cyber Security Centre warns of increased ransomware attacks on education sector

The Centre has published advice and additional support for schools, colleges and universities following a spike in targeted cyber-attacks last month

The National Cyber Security Centre (NCSC), part of GCHQ, has today (23 March) published an updated alert to warn education institutions of a rise in targeted ransomware attacks.

Following a significant spike in cyber-breaches since late February this year – when schools were preparing to open their doors to students following the latest COVID-19 lockdown – the NCSC has issued advice from security experts to help establishments navigate harmful online threats, laying out a series of practical steps IT leaders can take to protect their institution’s networks. The Centre suggests that these recommendations be implemented as a ‘defence in depth’ strategy, which includes installing and enabling antivirus software, and employing up-to-date and tested offline back-ups.

This is a growing threat and we strongly encourage schools, colleges and universities to act on our guidance and help ensure their students can continue their education uninterrupted” – Paul Chichester, NCSC

While operational details can’t be disclosed, the NCSC has no reason to suspect that the attacks derive from the same criminal actor. The threats have caused various levels of disruption, with a number taking aim at schools’ financial records.

“Any targeting of the education sector by cyber criminals is completely unacceptable,” commented Paul Chichester, director of operations at the NCSC.

“This is a growing threat and we strongly encourage schools, colleges and universities to act on our guidance and help ensure their students can continue their education uninterrupted.

“We are committed to ensuring the UK education sector is resilient against cyber threats, and have published practical resources to help establishments improve their cyber security in response to cyber incidents.”

In most cases, the primary goal when cyber criminals deploy ransomware is to encrypt data that will have the biggest impact on an organisation’s functionality. This can include access to computer networks, as well as services such as email systems and websites.

The news follows the NCSC’s previous report on a rise in ransomware attacks in August and September last year, and so has amended the 2020 warning in line with the most recent activity.

On top of acknowledging the renewed alert, the Centre has urged network defenders to read its guidance on mitigating malware and ransomware, as well as to plan and rehearse ransomware scenarios in the event that defences are breached.

On the recent surge in attacks, Steve Kennett, director of e-ifrastructure at edtech non-profit Jisc, commented: “Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what devastating impact this crime has on the sectlor.

“I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected.”

In other news: Institute for Ethical AI in Education publishes new guidance for procuring AI teaching tools


Leave a Reply

How to engage parents and families in their child’s learning journey

Join this webinar and we will be asking the question “Do you really engage your parents?” and our expert panel will discuss and answer questions