The Harris Federation which runs 50 schools in the United Kingdom, has fallen victim to a ransomware attack, just days after the National Cyber Security Centre (NCSC) warned educational establishments of an increase in such incidents.
Cyber criminals accessed Harris’ IT systems and encrypted their contents, the London-headquartered organisation said. The breach came to light on 27 March.
“This is a highly sophisticated attack that will have significant impact on our academies but it will take time to uncover the exact details of what has or has not happened, and to resolve,” the educational trust said.
As a precaution Harris’ email and telephone systems have been temporarily disabled, as have any federation devices held by pupils.
“We know that some families will have important individual concerns around data and that in these cases you will want to know more about the nature of the attack.
“Because we do not want to risk providing incorrect information, we will communicate further once we have clarity and liaise as appropriate with the Information Commissioner’s Office,” Harris said
The federation, which says it is at least the fourth multi-academy trust targeted in March, has called in a specialised firm of cyber technology consultants and is working with the National Crime Agency and the NCSC.
The federation also said it is endeavouring to keep its 50 schools in London and Essex open until the Easter holidays.
In its updated cyber security advice to the education sector, the NCSC recommends organisations implement a ‘defence in depth’ strategy. referring to an approach in which a series of security controls are layered throughout a computer network.
Register for free to receive the latest cyber security, data protection and privacy news and analysis straight to your inbox