View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
In association with Sophos
  1. Technology
  2. Cybersecurity
July 27, 2021updated 28 Jul 2021 9:46am

Cybercriminals have education in their sights: What can you do?

Cyberattacks on education institutions have dramatically increased over the past 18 months. Sophos has recently published a white paper on how schools, colleges and universities can protect themselves in this new age.


The education sector has experienced huge challenges over the past 18 months. Schools, colleges and universities were forced to act quickly as the pandemic hit, implementing new remote learning processes for students – and the technology needed to support them – while ensuring that new social distance protocols were implemented on campus.

Cyberattacks on education. (Photo by Studio4dich/

Cyberattacks on education are on the rise. (Photo by Studio4dich/Shutterstock)

However, these weren’t the only challenges facing education. At the same time, they were undergoing a surge in cyberattacks. These attacks have seen data stolen, increased pressure on already overstretched IT teams and teaching disrupted – including leaving remote learning students without access to vital services.

Such was the threat in 2020 that the UK that the National Cyber Security Centre (NCSC) issued an alert warning of a spike in ransomware attacks against education establishments, which it said caused “varying levels of disruption”.

Moreover, ransomware has evolved. Whereas previously files, applications and sometimes backups were encrypted with a ransom required to retrieve the keys, now cybercriminals threaten to release sensitive stolen data to force victims to pay out.

Indeed, during a May 2021 education sector webinar run by Sophos, 90% of the 158 respondents agreed that ransomware was now their biggest cybersecurity fear. When asked whether they agreed that students and staff were the weakest link in their security, 93% either agreed with this or thought it was more correct than incorrect.

The impact of such attacks can be devastating. Once data is lost, it cannot be retrieved and is gone forever, which in the case of young people will be many decades.

Why education?

Here, in the ‘Defending UK Education’ report by Sophos, we dig into why cybercriminals now have the education sector in their sights, some examples of incidents, and we look at what schools, colleges and universities can do to build better defences against attacks. This includes best practice for securing infrastructure and detailed incident response guidance should the worst happen and your establishment falls victim to a ransomware attack.

Your investment in detection, remediation, backup and incident response could be the difference between your systems, data – and reputation – remaining safe and secure, and a potentially crippling ransom demand.

Download the report here.

Topics in this article:
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy