Schools are being urged to step up their efforts to guard against cyber crime amid a rising threat of attacks that could lead to pupils’ data being shared on the dark web.
There has been a growing number of cyber attacks on schools throughout August, with criminals particularly likely to strike as the autumn term gets underway, according to the National Cyber Security Centre (NCSC), a part of GCHQ.
In an effort to combat the risk, the NCSC has issued an alert to schools containing a number of steps they can take to keep cyber criminals out of their networks.
Related: College cyberattacks on the rise
Cyber crime: Schools more vulnerable to cyber-attack due to ‘budget pressures’
Viewpoint: ‘There’s only so much teachers can do about online safety’
Ransomware attacks typically involve the encryption of an organisation’s data by cyber criminals, who then demand money in exchange for its recovery.
But Paul Chichester, director of operations at the NCSC, said there have also been incidents of cyber criminals posting stolen data to the dark web.
“It is a known tactic of groups now,” he said.
“Cyber criminals went from stealing the data and selling it online – generally sort of credit card details, [to realising] they could make more money by extorting people, by encrypting their data.
“And what they’re also finding now is people aren’t paying, so to put more pressure on the victims they’re actually now publishing the data or samples of the data on the dark web.”
Asked if schools had been affected by cyber attacks so far, Mr Chichester said: “Schools are definitely at risk from this threat. To some degree, the cyber criminals aren’t discriminating in terms of who they’re targeting – so they will cast their net very widely and see what they get.
“So yes, definitely, some of the cases that we have been dealing with – that law enforcement colleagues particularly have been dealing with – do relate to schools.
“They relate to – actually across all sectors – so primary, secondary, tertiary, further education and universities.”
And he warned that data stolen from schools could subsequently end up on the dark web.
“There’s always been a sort of threat of cyber criminals stealing personal information, if you like, to make money – personal information of adults,” he said.
“But in this instance, what we’re seeing now is cyber criminals publishing some of the data they’re stealing on the dark web. So they’re selling that information.
“So from a safeguarding point of view, this is a really important issue.”
He added: “This is a threat to [schools’] operational functioning, so not being able to run the school, not being able to admit pupils at this time of year. But also it’s a threat to the data that they hold.
“What we really don’t want to be seeing is sensitive details of children and things like that being published on the dark web.”
Mr Chichester said it was “really important” organisations across the education sector understood the “tangible impact” this could have on them.
“We’re well aware of how busy schools and colleges…are at the moment, they’ve got a lot on,” he said.
“But the reason for doing it now is that they are probably at most risk – in that they’re back to term, they’re back trying to get things up and running again. We know cyber criminals target victims in this situation – at what they hope is their weakest moment.
“So the sector is particularly vulnerable at the moment, and I think that’s why we’re really keen to get the message out there that there are simple things that they can do, that they can understand.”
The NCSC urged schools to take immediate steps to ensure data is backed up and also stored on copies offline.
They should also read the organisation’s newly-updated guidance on mitigating malware and ransomware attacks, and develop an incident response plan which they regularly test, the NCSC said.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.