The United Kingdom’s National Cyber Security Centre (NCSC) has issued a fresh alert to schools, colleges and universities after an increase in ransomware attacks on such establishments.

“In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records, as well as data relating to Covid-19 testing,” the centre said.

“Ransomware attacks can have a devastating impact on organisations, with victims requiring a significant amount of recovery time to reinstate critical services. These events can also be high profile in nature, with wide public and media interest,” it also said.

“It is therefore vital that organisations have up-to-date and tested online backups.”

To counter the threat, the NCSC has updated cyber security advice to the education sector and recommends organisations implement a ‘defence in depth’ strategy.

In a ransomware attack data is usually encrypted, but it may be deleted or stolen, or the computer may be made inaccessible, with those responsible for the attack typically sending a ransom note demanding payment to recover the data.

The attackers usually use an anonymous email address, for example ProtonMail, to make contact and request payment in a crypto currency.

“More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid,” the NCSC said.

“There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via ‘name-and-shame’ websites on the darknet.”

The means of attack listed by the NCSC were via remote desktop protocol, virtual private networks (VPNs), phishing, and taking advantage of unpatched or insecure devices, weak passwords or a lack of multi-factor authentication.

NCSC commented: “The shift towards remote learning over the past year has meant that many organisations have rapidly deployed new networks, including VPNs and related IT infrastructure. Cyber criminals continue to take advantage of the vulnerabilities in remote access systems.”

The latest advice updates that provided last September following an increase in ransomware attacks in the sector during August and September.

Last week the NCSC issued its first-ever cyber security guidelines to pre-schools, nurseries and childminders, saying they are increasingly an appealing target for cyber criminals as early years providers are relying more on technology to operate.

PrivSec Global, a live streaming event, is currently taking place, featuring more than 200 speakers and 64 sessions on privacy, data protection and cyber-security.