Following a rise in attacks on the education sector the UK’s leading cybersecurity authority has updated its guidance on ransomware.

The National Cyber Security Centre (NCSC) said it was investigating another rise in attacks targeting schools, univertsities and colleges. 

“Ransomware attacks can have a devastating impact on organizations, with victims requiring a significant amount of recovery time to reinstate critical services. These events can also be high profile in nature, with wide public and media interest,” the NCSC said. 

“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records as well as data relating to COVID-19 testing.”

The NCSC highlighted that the targeting of networks through VPNs and remote desktop protocol (RDP) endpoints by exploiting lack of multi-factor authentication (MFA), weak passwords or exploiting unpatched bags - have become a recent trend.

In March the Harris Federation, which runs 50 primary and secondary schools in the London area was struck by a ransomware attack which impacted nearly 40,000 pupiles. Most recently both the University of Hertfordshire and the University of Portsmouth was targeted by ransomware threat actors.

To help disrupt ransomware attack vectors the authority recommended a defense-in-depth approach to protection, including anti-virus, prompt patching and MFA.


PrivSec Global

Register to PrivSec Global and tune into to the ”Phishing, Ransomware Prevention Plans and Staying One Step Ahead of Cybercriminals” panel discussion on June 23 at 1:00pm BST | 2:00pm CEST | 8:00pm HK.

Speakers include:

  • Joel Schwarz, Director, MBL Technologies
  • Claudio Cilli, Ph.D., Professor, University of Rome
  • Andrew Rigney, Director Of Cyber Security Operations, Netjets

Register now