At the end of a really busy term, this isn’t great timing but ….
UK’s National Cyber Security Centre
The UK’s National Cyber Security Centre (NCSC) has issued another alert warning of an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities, since February.
Increase in Ransomware Attacks
Ransomware attacks can have a devastating impact on organisations, with victims requiring a significant amount of recovery time to reinstate critical services. These events can also be high profile in nature, with wide public and media interest. Typically they encrypt data, making it inaccessible, demanding payment to recover the data and threatening to release sensitive data publicly if the ransom is not paid.
The NCSC reports that In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to COVID-19 testing.
Backup Strategy
It is therefore vital that organisations have up-to-date and tested offline backups.
Updated Guidance from NCSC
Due to the prevalence of these attacks, the NCSC is strongly recommending that schools follow their updated guidance on mitigating malware and ransomware which can be found here.
The alert can be found here. It is intended for IT colleagues and the NCSC recommends discussing its advice with your IT providers if you are using outsourced services.
The NCSC also says it is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their schools in terms of lost data and access to critical services.
Further Advice
For more information/advice and guidance on cyber security for schools, see my previous post Cyber Security – Phishing Attacks.