Two UK secondary schools have fallen victim to cyberattacks in the past week, with one being forced to delay the start of the new term by six days as it recovers its systems. The breaches, and other successful attacks on schools in recent months, reflect the fact that many educational institutions do not have adequate protections in place, experts say.
Highgate Wood School in London has announced that a cyberattack has prevented employees at the school from accessing their systems but says it is confident data has not been stolen. However, the incident has delayed the start of the new term, which was due to begin tomorrow. The news comes days after it was revealed Debenham High School in Suffolk has also suffered a breach, which caused all its digital systems to go offline.
UK secondary schools close after cyberattacks
Pupils at the Highgate Wood School have been told they will return to the classroom on 11 September rather than the previously announced 5 September. An email sent out to parents outlines the attack and the measures taken by the school to reverse some of the damage done.
“With the help of Haringey Council, London Grid for Learning and other external experts in the field of cybersecurity, we’re doing everything to get our systems and functionality back up and running as swiftly and securely as possible,” Patrick Cozier, headteacher at the school, said in the letter, reportedly shared with local newspaper the Ham & High.
So far, the investigation has made Cozier “extremely confident” that employee and pupil data has remained secure, the letter reportedly says. “We sincerely apologise for any disruption and inconvenience this may cause you and your family and thank you for your patience, support and understanding at this time as we work through these IT issues,” the headteacher told parents.
Debenham High School had similar issues as it has also lost access to its systems due to a cyberattack. The school has resolved to get systems back up and running for when its new term starts tomorrow.
Headteacher Simon Martin said: “Although it is difficult to provide precise timescales for a full restoration, the support team has assured us that due to the safeguards we have in place, the restoration process should happen more quickly.”
Tech Monitor has approached the schools for comment but has not yet had a response at the time of writing.
Schools have inadequate protection, say experts
These attacks follow an incident earlier in the summer at another secondary school in London, where the data of up to 800 pupils had been breached. Leytonstone School was attacked in June and the school was temporarily closed.
Schools may be targeted because they are notorious for having inadequate cybersecurity provisions says Don Smith, vice-president at Secureworks Counter Threat Unit. “School networks, whether that be primary schools or universities, tend to be open more often than they are closed, due to their mission to promote learning, and so unfortunately often find themselves subject to these attacks,” Smith says.
For schools to stay ahead of the curve, Smith believes it is “crucial” that schools “add a layer of multifactor authentication to make it harder for bad actors to break through”.
The high value of data belonging to children and young people is also a factor in attacks on schools. Speaking to Tech Monitor last year, Brian Higgins, security specialist at cybersecurity platform Comparitech, said: “Unfortunately, there is a long list of things that criminals can do with the types of information contained in these leaks, from direct contact [with the victims] to targeted phishing campaigns.”
He added: “Young people’s details are particularly popular with organised crime gangs for setting up things like bank accounts, as they are less likely to be discovered since the victims probably haven’t done that themselves yet.”