UK schools and universities under threat

Universities and colleges are being warned by the UK’s National Cyber Security Centre (NCSC) that rising numbers of cyber attacks are threatening to disrupt the start of term. The NCSC has been investigating an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges and universities.

According to Microsoft’s Global Threat Activity tracker, 61 percent (nearly 4.8 million) of malware encounters reported within the past 30 days took aim at the education sector, making it the most affected industry. The business and professional services sector came in second with just under one million incidents.

The warning from the NCSC follows a spate of ransomware attacks against academic institutions – in which malicious software or “malware” is used to lock out users from their own computer systems, paralysing online services, websites and phone networks.

Juta Gurinaviciute, Chief Technology Officer at NordVPN Teams said: “Often, the aim of cyber criminals deploying ransomware is to encrypt data that will have the most impact on an organisation’s services. This can affect access to computer networks as well as services including telephone systems and websites.’’

A lack of dedicated funding and skilled personnel made it hard for educational institutions to keep data secure and improve privacy-related defences.  Many schools make essential primary setup errors and put little effort into overseeing old existing vulnerabilities. ‘’It comes as no surprise that, during the COVID-19 crisis, hackers and scammers found those vulnerabilities so easily’’, said Gurinaviciute.

As the last six months have shown us, it has never been more important for colleges to have the right digital infrastructure in order to be able to protect their systems. According to NordVPN Teams CTO: ‘’Systems have to be set up with adequate authentication and controls. Otherwise, they can become vectors for attack. Without proper implementation, tools to access school networks remotely – even VPNs, password managers and remote desktop protocols – can all be hacked to gain unauthorized access and steal sensitive data.’’

Shifting to fully or partly online learning for the second time this year means educational institutions have to put extra effort in preparing their edtech. Cyberattack trends make it clear that most university lecturers are not properly trained in ICT or lack the knowledge to assist students in cyber security. Although school districts have already learned the lesson the hard way and have started trying to secure their data, their pace might still be too slow. Millions of teachers and students makes remote access attempts from various devices again this fall, opening the door for cybercriminals to act.

‘’Edtech and its infrastructure is not given the importance it is due. As governments attempt to address the public health crisis around the world and contain the spread of COVID-19, there is a very large chance criminals will continue to exploit this chaos, and that there will be another spike in cyberattacks against vulnerable targets. Educational institutions should focus on protecting their open networks and managing devices they don’t have control over’,’ concludes the NordVPN Teams expert.

The NCSC has recently updated its ransomware and malware guidance, which is generally applicable to organisations in all industries in the UK. Additions to this include updated information on attackers’ modus operandi and advice on preparing for an incident.