Cyber Security alert issued as academic ransomware attacks rise

Stephen Chapman's picture

The National Cyber Security Centre (NCSC) has issued an alert, after a rising number of ransomware attacks on academic institutions in the UK.

Earlier this summer, at least 3 Universities in the North of England had student and alumni data stolen in a ransomware attack on Blackbaud.

In August, NCSC, which is part of GCHQ, said it had seen a spike in attacks, because cyber criminals were focusing on the the return of students.

“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible,” said Paul Chichester, Director of Operations at the NCSC.

“While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted.

“We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves.”

NCSC has urged schools, colleges and universities to take immediate steps, including ensuring that data is backed up and also stored offline.

It’s also released updated guidance on malware and ransomware attacks and recommended that organisations develop an incident response plan which they regularly test.

“As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems and keep learning happening, whatever the circumstance,” stated David Corke, Director of Education and Skills Policy at the Association of Colleges.

“This needs a whole college approach and for a focus wider than just systems, it needs to include supporting leaders, teachers and students to recognise threats, mitigate against them, and act decisively when something goes wrong.

“This guidance will prove incredibly useful for colleges to ensure that they can do just that.”

Some institutions that have been infected by ransomware have said it has taken weeks and months for services to return to normal.