Dozens of schools have been struck by a ‘highly sophisticated’ and ‘vicious’ cyber attack with nearly 40,000 pupils at risk, said an education charity.
The government’s National Cyber Security Centre (NCSC) last week issued an alert about a spike in so-called ransomware attacks affecting UK schools, colleges and universities.
Harris Federation, which educates 37,000 pupils in 50 primary and secondary schools in London and Essex, said it had suffered an attack ‘impacting on all our academies’.
‘As has happened in the NHS in 2017, in local government and at least three other schools groups in March alone, we have unfortunately been subject to a particularly vicious ransomware attack,’ said a spokesperson.
Harris Federation staff realised they had been targeted on Saturday and spent the weekend trying to resolve it – but said academies remain open today.
In a statement to parents and pupils, the charity said: ‘A ransomware attack means that cyber-criminals have accessed our IT systems and encrypted, or hidden, their contents.’
‘This is a highly sophisticated attack that will have significant impact on our academies but it will take time to uncover the exact details of what has or has not happened, and to resolve,’ the statement continued.
‘In addition to using the services of a specialised firm of cyber technology consultants, we are working closely with the National Crime Agency and the National Cyber Security Centre.’
As a ‘precaution’ the academies’ email and telephone systems have been temporarily suspended, along with any Harris Federation devices owned by pupils.
The organisation added: ‘We know that some families will have important individual concerns around data and that in these cases you will want to know more about the nature of the attack.
‘Because we do not want to risk providing incorrect information, we will communicate further once we have clarity and liaise as appropriate with the Information Commissioner’s Office.’
A NCSC spokesperson said: ‘We are aware of an incident affecting the Harris Federation and are working with the trust and law enforcement to fully understand its impact.’
The government body published an updated alert on Tuesday warning that there have been an ‘increased number’ of such attacks since late February, advising education establishments to follow its mitigating malware and ransomware guidance.
Ransomware is a type of malware that prevents users from accessing their systems or the data held on them, said the NCSC.
The data is usually encrypted but it can also be deleted or stolen, or the computer itself may be made inaccessible.
Hackers will often send a ransom note demanding payment in the form of a crypto currency to recover the data using an anonymous email.
‘More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid,’ the NCSC said.
‘There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the darknet.’
Get in touch with our news team by emailing us at [email protected].
For more stories like this, check our news page.