Hackers target schools and universities as the academic year begins
Image credit: Proof Communication
Schools, colleges and universities in the UK are at greater threat of cyber attack as the academic year begins in earnest, the National Cyber Security Centre (NCSC) has warned.
A recent spike in ransomware attacks has led to the NCSC warning institutions to ramp up their cyber defences or risk derailing their preparations for the new term.
The NCSC dealt with several ransomware attacks against education establishments in August, which caused varying levels of disruption, depending on the level of security the establishments affected had in place.
Ransomware attacks typically involve the encryption of an organisation’s data by cyber criminals, who then demand money in exchange for its recovery.
With education institutions either having already welcomed pupils and students back for a new term, or preparing to do so shortly, the NCSC’s alert urges them all to take immediate preventative steps, such as ensuring data is both backed up and also stored on copies offline.
Paul Chichester, director of operations at the NCSC, said: “This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible. While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest to help ensure young people are able to return to education undisrupted.
“We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats and will not hesitate to act when that threat evolves.”
In July, the NCSC, along with agencies in the US and Canada warned that cyber criminals were targeting healthcare organisations working on coronavirus research and potential vaccines.
David Corke, director of education and skills policy at the Association of Colleges, said: “As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems and keep learning happening, whatever the circumstance.
“This needs a whole-college approach and for a focus wider than just systems; it needs to include supporting leaders, teachers and students to recognise threats, mitigate against them and act decisively when something goes wrong. This guidance will prove incredibly useful for colleges to ensure that they can do just that.”
The NSCS said that institutions infected with ransomware have seen their ability to operate effectively significantly obstructed and depending on an organisation’s level of resilience, it can take weeks or even months for services to return to normal.
Often the aim of cyber criminals deploying ransomware is to encrypt data that will have the most impact on an organisation’s services. This can affect access to computer networks as well as services including telephone systems and websites.
A recent report found that one in six firms simply meet the demands of hackers in order to get their data back.
In the first month of lockdown earlier this year, City of London Police said they saw a 72 per cent surge in financial losses from cyber-crime as criminals took advantage of the shift to home working.
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.