A hacker’s honeypot

Ransomware attacks on schools

Few would argue that the additional pressures on the education system during the global pandemic are second only to those on the NHS. Schools have had to deal with unclear guidance, closures, part-opening, short notice changes, online teaching, and to top it all normal examinations were torn up and thrown in the bin.

This has had an enormous impact on everyone who works for a school, plus all those for whom the education system exists – the pupils themselves.

Schools and pupils have done an absolutely incredible job rising to the challenges. As has everyone else who has had some involvement, not least parents but also all the organisations that work with schools in any capacity.

 

inTEC EDUCATION have played a very important role in helping schools improve their IT systems to cope with these changes, from 365 and Teams consultancy to installing new wireless systems to cope with the upsurge in the number of portable devices used in the classroom.

We are now seeing these ‘new norms’ mature. Teachers and pupils have become comfortable using technology in teaching and learning. Whatever happens in the future with the pandemic, we can be certain that technology will be more important and used more widely.

But, as the disruption and stress caused by Covid is abating, another challenge has accelerated growth and had a huge impact on schools. Ransomware.

 

The National Cyber Security Centre has issued numerous warnings to all education providers of the risk of ransomware and the fact that schools and colleges are specifically targeted. Whether a university, college, multi-academy trust or independent school, all are vulnerable and all increasingly attacked.

 

Independent schools are particularly vulnerable. They typically have large numbers of users and small IT departments, with IT staff multi-tasking in all areas of technology rather than specialising. There is not a single independent school that I know of that has employed staff dedicated to work on cyber security.

As a result, the defences can be low and the ability to deal with a ransomware attack limited. In addition, independent schools have many influential and famous parents as clients, from royalty and global political leaders to pop stars and business leaders, all choosing an independent education for their children.

These schools store some very sensitive data as a result and that is very valuable on the Dark Web – so in addition to trying to minimise disruption of an attack, schools will be tempted to pay a ransom rather than risk their reputation and parental legal action, hence they have become something of a “hacker’s honeypot”!

We have worked with schools that have suffered a ransomware attack. It can takes weeks to recover and costs huge sums. One school was reportedly asked for a multi-million-dollar ransom last year. The impact an attack has on the school, staff, pupils and parents is appalling to witness.

 

How can inTEC EDUCATION help?

We provide both strategic advice and practical solutions to schools, with a three-pronged approach:

1. PREVENT: ensure the school has effective ransomware protection.

2. ACT: stop a ransomware attack in its tracks should it happen and before any real damage is done.

3. RECOVER: ensure backup systems are protected from encryption and can be used to recover data and systems should the ransomware attack be successful.

The best advice at the end of the day is to ‘plan for the worst and hope for the best’. Ransomware attacks will sadly increase, so each school should seek help to ensure they are managing the risks. The inTEC EDUCATION Ransomware Protection Audit is a great starting point.

 

Post by John Sainthouse | IT Services Director at inTEC EDUCATION

Prior to inTEC EDUCATION, John spent a dozen or so years leading ICT transformation in schools, including Charterhouse School and Eton College, where he worked as Head of IT. With this experience he has a unique insight and understanding of the technology challenges that independent schools face, enabling him to help provide them with answers.

He treasures his personal time, which is divided between his family and his ever-expanding collection of guitars; not necessarily in that order.

To book your ‘Ransomware Protection Audit’, please contact John Sainthouse at inTEC EDUCATION by calling 0330 555 5550 or emailing john@inteceducation.com