There has been considerable growth in cyberattacks since the start of lockdown, with criminals looking for vulnerable companies and organisations.
Educational establishments in particular have seen a surge in the number of attacks since late February. This surge corresponded with schools, colleges and universities welcoming pupils and students back to the classroom.
The National Cyber Security Centre (NCSC), which is part of GCHQ, has recommended a defence-in-depth strategy to prevent and mitigate attacks. It has published an alert to education establishments warning of an increase in ransomware attacks and setting out steps they can take to keep criminals out of their networks.
The NCSC has dealt with a significant increase in the number of attacks since late February. These have caused various levels of disruption, including targeting financial records, and are unlikely to have been conducted by just one hacker or group.
Their advice involves taking a number of steps including:
- Installing antivirus software
- Implementing mechanisms to prevent phishing attacks
- Having up-to-date and tested offline backups. Offline backups are the most effective way to recover from a ransomware attack
“Any targeting of the education sector by cyber criminals is completely unacceptable.
“This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted.
“We are committed to ensuring the UK education sector is resilient against cyber threats, and have published practical resources to help establishments improve their cyber security and response to cyber incidents,” said Paul Chichester, Director of Operations at the NCSC.
Steve Kennett, executive director of e-infrastructure at Jisc, the UK’s digital body for tertiary education, added:
“Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what a devastating impact this crime has on the sector.”
“I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected.”
Often the aim of cyber criminals deploying ransomware is to encrypt data that will have the most impact on an organisation’s services. This can affect access to computer networks as well as services including email systems and websites.
The NCSC previously reported an increase in ransomware attacks on the UK education sector in August and September 2020, and has updated this alert in line with the latest activity.
Alongside the updated alert, network defenders are also urged to read the NCSC’s mitigating malware and ransomware guidance, and to plan and rehearse ransomware scenarios in the event that defences are breached.
The increase in malware infections leading to ransomware demands has seriously impacted some universities, schools and colleges, whether through losing access to key data or being unable to teach.
“We believe that in many cases these issues were avoidable, and we welcome the actions of the NCSC in alerting the sector to some of the precautions they can take – to both minimise the likelihood of such an attack, as well as to mitigate the impact that one may have upon their ongoing operation,” commented Matt Bearpark, Head of Product for Connectivity and Online Safety at the provider of technology and resources to the education sector, RM plc.
Beyond the broad measures recommended by the NCSC, the next step is to have your cybersecurity assessed, with the assessment producing a list of the weaknesses found, their risk factor and associated recommendations. This allows you to make an informed decision on what needs to be done to protect your institution. The Cyber Tzat platform gives you an independent score with a list of associated recommendations at an affordable cost.