Posted on March 24, 2021 at 9:45 AM
UK’s National Cyber Security Center (NCSC) has issued a warning to UK colleges and universities about the increased spate of ransomware attacks on their institutions. The NCSC warned that the management of the schools should be very vigilant to wade of or prevent the new onslaught of cybercriminals on UK schools.
The cybersecurity organization said it cannot disclose the operational details of the attacks. But it stated that it has been countering series of attacks on UK schools since last month when students were about to come back to the classroom.
The warning is coming following a spate of high-profile attacks in recent weeks, especially the attack on Birmingham’s South and City College, which made all 13,000 students stay home and take their classes online last week.
Guidance of school security provided
The NCNC director of operations Paul Chichester addressed the issue of an increased level of ransomware attacks recently. He stated that schools should act swiftly with strong security measures against these threats to prevent any interruptions in students’ learning.
The NCNC has also released guidance the schools can follow if they want to avoid being victims of ransomware attacks. The guidance includes easy-to-follow tips such as regularly backing up their network and preparing response protocols. It also offers strategies to quickly kill off any malware that finds its way into the systems.
Earlier this month, the University of the Highlands and Islands was also hit by a ransomware attack, which led to the complete shutdown of the campuses to deal with the issue.
The last time there was a spike in the number of ransomware attacks was in August and September last year, when schools were supposed to be back from the summer holidays.
The NCSC has identified various organizations perpetuating the recent assaults on educational institutions. The attacks are not coming from a single group of threat actors but from multiple groups looking to disrupt learning while looking for vital information within these victims’ networks.
Ransomware attacks have devastating impacts
The higher education support body, Joint Information Systems Committee (JISC), stated that the body has been assisting several educational institutions to recover from ransomware attacks. The body’s director of e-infrastructure Steve Kennett, also revealed that the ransomware attacks have devastating impacts on the educational sector if not properly checked.
JISC also mentioned that it carried out a red-teaming exercise in 2019 on British universities. The body said the result of the exercise was astonishing, as it received a 100% hit rate. Last October, it carried out more research into the cybersecurity strength of the educational sector. The research revealed that the increased level of attacks on the institutions was possible due to underfunded IT provisions in educational institutions.
However, British colleges and universities are not the only targets for a cybercriminal, as US schools also have their challenges when it comes to ransomware attacks.
Ransomware attacks usually encrypt data and servers, which prevents organizations and institutions from providing services to users.
The recent attacks may be caused by cybercriminals who think they could begin extortion demands from these institutions when their servers are compromised. In most cases, they demand ransomware in Bitcoin or other cryptocurrency tokens from the victim organizations to evade being caught during the investigation.
Institutions should do more to protect their servers
The recent ransomware attack within the U.K. educational sector has resulted in the loss of school financial records, student coursework, as well as data linked to COVID-19 testing.
In most cases, the cybercriminals threaten the institutions with the exposure of the stolen data o the public when the ransom is not paid.
“Any targeting of the education sector by cybercriminals is completely unacceptable,” Chichester stated.
NCSC also recommended that colleges and universities protect their networks from ransomware attacks, including using an effective strategy to manage vulnerability and apply security patches on time. The body also advised institutions to secure their remote online services with multi-factor authentication, and install and enable anti-virus software.