According to an education charity, dozens of schools in the UK were hit by a “highly sophisticated” cyberattack that affected nearly 40,000 pupils. Last week, the National Cyber Security Center issued an alert for a spike in ransomware attacks targeted at schools, colleges, and universities in the UK. Harris Foundation, which educates some 37,000 pupils across 50 primary and secondary schools across London and Essex, said it was hit by an attack that impacted “all our academies.”
‘As has happened in the NHS in 2017, in local government and at least three other schools groups in March alone, we have unfortunately been subject to a particularly vicious ransomware attack,’ said a spokesperson for Harris Federation.
Harris Federation employees noticed the attack on Saturday and aimed to resolve it over the weekend but clarified the academies were still open in the meantime. The charity released a statement to parents and pupils, saying, ‘A ransomware attack means that cyber-criminals have accessed our IT systems and encrypted, or hidden, their contents.’ ‘This is a highly sophisticated attack that will have significant impact on our academies, but it will take time to uncover the exact details of what has or has not happened and to resolve.”
The charity took the precaution of temporarily suspending email and telephone systems at academies and on devices owned by the company and used by pupils.
The NCSC issued a statement saying they were aware of the incident and are working together with law enforcement to determine the full impact of the attack. The NCSC issued an alert on Tuesday warning of an increased number of ransomware attacks since February, along with a set of ransomware and malware guidance.
Ransomware is a form of malware that prevents users from accessing systems and the data on them. These viruses commonly encrypt the data, but the data could also be stolen or deleted by the attackers. Attackers often send ransom notes to victims with ransom demands. Victims are supposed to pay a specific amount in cryptocurrency to regain access to their devices.
The NCSC warns, ‘There are many high-profile cases where the cybercriminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the darknet.’