The National Cyber Security Centre (NCSC) has issued an alert to the academic sector following a spate of online attacks against UK schools, colleges and universities.
Cyber security experts have today stepped up support for UK schools, colleges, and universities following a spate of online attacks with the potential to derail their preparations for the new term.
The NCSC issued an alert to the sector containing a number of steps they can take to keep cyber criminals out of their networks, following a recent spike in ransomware attacks.
“The NCSC dealt with several ransomware attacks against education establishments in August, which caused varying levels of disruption, depending on the level of security establishments had in place.”
Ransomware attacks typically involve the encryption of an organisation’s data by cyber criminals, who then demand money in exchange for its recovery.
With institutions either welcoming pupils and students back for a new term, or preparing to do so, the NCSC’s alert urges them to take immediate steps such as ensuring data is backed up and also stored on copies offline. They are also urged to read the NCSC’s newly-updated guidance on mitigating malware and ransomware attacks, and to develop an incident response plan which they regularly test.
Paul Chichester, Director of Operations at the NCSC, said:
“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible. While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted. We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves.”
The new alert, Targeted ransomware attacks on the UK education sector by cyber criminals, supplements existing support that the NCSC, which is a part of GCHQ, provides academic institutions across the UK.
Examples of this include advice on the questions governing bodies and trustees should ask school leaders to improve a school’s understanding of cyber security risks, and the distribution of information cards which help staff understand how they can raise their school’s resilience to attack.
The West led the world in building the internet, where before it was just for geeks, today it controls our lives, be it e-mails, social media, shopping, banking and off course of site controlling of vital assets. For some very strange reason the West have been slow in recognising that an enemy (Be it state or stateless actors) can use the internet in which to attack us. On a personal level I know of many people who whilst carrying out their banking , shopping on line don’t have any form of antivirus protection . The West bore witness to what a mass internet attack looks like when in 2007 Estonia fell victim to a huge internet attack which targeted everything and anything in the country for 3 weeks . that was 13 years ago and yet the otherday it was revealed that a woman in a hospital in Germany died when hackers locked down the hospital with ransomwear. We have seen similar attacks in the Uk, thankfully with no deaths.
The huge elephant in the room regards the UK is Huawei. There is very strong evidence that it is a tool for the Chinese government and yet until Hong Kong a few weeks ago The Government was happy to allow them access to our networks even thou the rest of the Anglo Western world had refused to do so. The Tories cite the Huawei test centre in Banbury which funny enough is run by a former tory minister where all equipment destined for use in the Uk is tested to see if it is Chinese spyware. But the here’s the catch, the people doing the testing are Huawei employees. The government reports on test centre doesn’t speak higher of the above, (Google)
”Huawei cyber security evaluation centre oversight board: annual report 2019”
yet the UK government turned a blind eye to the fact that we are/were using a quasi-arm of the Chinese military to build our future communications system. A few years back, we all received a message on sign up on our military Dii intranet system , stating that there was a huge risk of Chinese espionage and then when we logged on, and noticed an unofficial log in on the splash screen we had to report it to the chief Clerk . yet the military intranet is run by BT who still use Huawei equipment in their network. (Only started stripping Huawei equipment from the 3 and 4G networks 15 months ago)
The Uk has a very lax attitude to computer safety and that isn’t going to change anytime soon
An excellent post, and another warning. Still too many people ignorant of the risks.
The Chicoms have been busy. Still can’t believe the Brits still trust them. Ugh.
I think universities have been a target for sometime. It always amazes me when we have classified program we announce all the participants so an one wanting to target them has a full list.