The Department for Education has urged schools to confirm they have ramped up protection for their systems and data following a new round of targeted ransomware attacks.
Alarmed by a rising number of victims in the education sector, the DFE was first prompted to write to schools last August, warning they should review their cyber security.
Following another sharp increase in attacks on schools and colleges since February, leading to the loss of financial records, student coursework and Covid-19 testing data, the DfE has once again written to heads, this time seeking confirmation that adequate security measures are in place.
Targets for the recent cyber-attacks included all 17 schools in Cambridge Meridian Academies Trust, 15 schools at Nova Education Trust in Nottingham and 24 Schools across South Gloucestershire, including all seven at Castle School Education Trust.
Jon Gilbert, Chief Information Security Officer for the DfE, is now asking UK education establishments to confirm they are taking action to protect their systems and ensure that they have both a backup regime and incident management plan in place.
He wrote: “We have been working closely with the National Cyber Security Centre (NCSC) and have been made aware of an increasing number of cyber-attacks involving ransomware infections affecting the education sector recently, notably multi-academy trusts.
“These incidents appear to be financially driven but opportunistic, taking advantage of system weaknesses such as unpatched software, poor authentication systems or the susceptibility of users to misdirection.
“It is important that as heads of multi-academy trusts you understand the nature of the threat and the potential for ransomware to cause considerable damage to your institutions in terms of lost data and access to critical services, as highlighted in the NCSC Alert.”
The increase in attacks comes at a time when schools are being asked to rely heavily on technology, carry out additional reporting and change the nature of examinations.
In the most recent DfE notification, schools are urged to confirm with their IT team or provider that:
- they are backing up the right data – including Covid-19 testing information, associated data, and data relating to exams alongside other key elements.
- backups are held fully offline and not connected to systems or in cold storage
- tests are carried out to ensure backups and restore services are working and data can be recovered
To combat this spike in malicious malware, the NCSC recommends a ‘defence-in-depth’ approach and above all urges organisations to have ‘up-to-date and tested offline backups’.
Watch Redstor’s YouTube video here to see what this means in practice.
Redstor protects the data of more than half of all schools in the UK and works closely with UK law enforcement to improve cyber resiliency.
To find out more about how Redstor can protect your data, contact us.