Schools and universities on alert following ‘reprehensible’ rise in cyber-attacks

Government cyber security experts have told schools, colleges and universities to be on alert following a reported rise in cyber-attacks.

August saw increasing numbers of attempted infiltrations of UK academia as the sector’s attention was focused on ensuring the safe return of students amid the coronavirus pandemic, the National Cyber Security Centre (NCSC) said.

The agency, which is part of GCHQ, said it dealt with several ransomware attacks against education establishments last month, which caused varying levels of disruption depending on the level of security establishments had in place.

Some attacks had “the potential to de-rail their preparations for the new term”, the NCSC said.

On Thursday, agents stepped up support for the sector, issuing updated guidance for how institutions can keep cyber criminals out of their networks.

“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible,” said NCSC director of operations, Paul Chichester.

“While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted.

“We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves.”

Ransomware attacks typically shut off users’ access to their computer systems or data, with cyber criminals then demanding cryptocurrencies in exchange for its recovery.

Often the aim is to encrypt data that will have the most impact on an organisation’s services, which can see access to computer networks, telephone systems and websites targeted. 

Institutions that have been infected with ransomware have been “significantly obstructed”, and those with less resilient systems in place have been forced to wait weeks – and in some cases months - for services to return to normal, the agency said.

There is an increasing trend for attackers to also threaten to release sensitive data stolen from the network if the ransom is not paid. There are many high-profile cases where the cyber criminals have followed through with these threats, releasing sensitive data to the public.

“As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems and keep learning happening, whatever the circumstance,” said the Association of Colleges’ director of education and skills policy, David Corke.

“This needs a whole college approach and for a focus wider than just systems, it needs to include supporting leaders, teachers and students to recognise threats, mitigate against them, and act decisively when something goes wrong.

“This guidance will prove incredibly useful for colleges to ensure that they can do just that.”