The education sector has experienced huge challenges over the past 18 months. Schools, colleges and universities were forced to act quickly as the pandemic hit, implementing new remote learning processes for students – and the technology needed to support them – while ensuring that new social distance protocols were implemented on campus.
However, these weren’t the only challenges facing education. At the same time, they were undergoing a surge in cyberattacks. These attacks have seen data stolen, increased pressure on already overstretched IT teams and teaching disrupted – including leaving remote learning students without access to vital services.
Such was the threat in 2020 that the UK that the National Cyber Security Centre (NCSC) issued an alert warning of a spike in ransomware attacks against education establishments, which it said caused “varying levels of disruption”.
Moreover, ransomware has evolved. Whereas previously files, applications and sometimes backups were encrypted with a ransom required to retrieve the keys, now cybercriminals threaten to release sensitive stolen data to force victims to pay out.
Indeed, during a May 2021 education sector webinar run by Sophos, 90% of the 158 respondents agreed that ransomware was now their biggest cybersecurity fear. When asked whether they agreed that students and staff were the weakest link in their security, 93% either agreed with this or thought it was more correct than incorrect.
The impact of such attacks can be devastating. Once data is lost, it cannot be retrieved and is gone forever, which in the case of young people will be many decades.
Here, in the ‘Defending UK Education’ report by Sophos, we dig into why cybercriminals now have the education sector in their sights, some examples of incidents, and we look at what schools, colleges and universities can do to build better defences against attacks. This includes best practice for securing infrastructure and detailed incident response guidance should the worst happen and your establishment falls victim to a ransomware attack.
Your investment in detection, remediation, backup and incident response could be the difference between your systems, data – and reputation – remaining safe and secure, and a potentially crippling ransom demand.