The growing risk of cyber threats within the education sector is well reported. Over recent months there has been an increase in targeted attacks, in particular ransomware attacks affecting the education sector.
Security alerts from NCSC and others have been issued, warning that cybercriminals are looking to target schools, colleges and universities. Without cyber and business resilience in place, the education sector is vulnerable to attacks.
Schools, Colleges and Universities are experiencing a sharp rise in cyber attacks across the UK causing large scale disruption. The outcomes can range from small data breaches, to ransom demands, intellectual property stolen and above all, the loss of student and staff information.
According to the Cyber Security Breaches Survey 2020, 41% of primary schools, 76% of secondary schools and 80% of further/higher education facilities have identified breaches or attacks within the last 12 months1.
This is due to the vast diverse user base and wide range of personal and unmanaged devices connecting to networks across the country and for universities, the connected world.
Schools and colleges aren’t immune to cyber threats. Recent figures from the cyber security breach survey 2020 found that 41% of Primary schools, 76% of secondary schools and 80% of further education institutions identified a breach or attack in the last 12 months.
August 2020 saw the Luminate Education College Group get hit by a cyber attack which caused large scale disruption, with students unable to get their exam results. The group has 29,000 students and 2,000 members of staff and deployed temporary security systems to continue to support students and staff7. It comes after Myerscough College, in Billsborrow, Lancashire, was hit by what was described as a significant malicious cyber attack on the College.
- 93% of colleges and schools reported receiving fraudulent emails.
- 43% of colleges and 29% of schools reported viruses, spyware or malware attacks.
- 21% of colleges and 2% of schools reported a ransomware attack.
A total of 57% had a material outcome from these breaches, such as a loss of money or data8.