This article is more than 1 year old

UK colleges and unis urged to prepare for ransomware before it's too late

Uptick in attacks since schools reopened, warns National Cyber Security Centre

Britain's National Cyber Security Centre (NCSC) has urged universities, schools, and colleges to be vigilant following an increase in ransomware attacks targeting educational institutions.

"While operational details cannot be disclosed, the NCSC has dealt with a significant increase in the number of attacks since late February, when establishments were preparing to welcome students back to the classroom," said the GCHQ offshoot in a statement issued this afternoon.

The warning comes in the wake of higher-profile attacks in recent weeks such as the one against Birmingham's South and City College, which resulted in all 13,000 students being told to stay at home and switch to online lectures last week.

Paul Chichester, the NCSC's director of ops, said in a canned statement: "This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted."

A mock-up of a message from a ransomware infection demanding money to decrypt scrambled files

Brit college forced to shift all teaching online for a week while it picks up the pieces from ransomware attack


That guidance can be found here on the NCSC website. It includes straightforward tips such as taking regular backups of your network, preparing incident response protocols, and ensuring that if malware does get a foothold on your school's network, it can be killed off quickly.

The University of the Highlands and Islands was also struck earlier this month, leading the institution to shut down its campuses while beleaguered IT staff fought off the ransomware.

Previous spikes in attacks against UK educational institutions were seen in August and September 2020, traditionally the time when schools return from the summer holidays. Nonetheless, the NCSC said today that these assaults were coming from various malicious organisations, tending to rule out the idea that a high-profile ransomware gang was systematically targeting educational institutions for easy pickings.


Forget Snow Day: Baltimore's 115,000+ public school kids get Ransomware Day, must check Win PCs for infection


Steve Kennett, director of e-infrastructure at the higher education support body Jisc, said in a statement: "Jisc has been helping many colleges and universities recover from ransomware attacks recently so we have seen what a devastating impact this crime has on the sector."

Jisc, formerly known as the academic industry's Joint Information Systems Committee, said in 2019 it had achieved a 100 per cent hit rate while phishing British universities as part of a red-teaming exercise. In October it followed up with more research into what it called the sector's "difficult cyber security posture" – research tending to show that underfunded IT provision in educational institutions may have contributed to today's warning from the NCSC.

It's not only British schools and colleges being targeted by crims; last year US schools had their fair share of ransomware infections too. ®

More about


Send us news

Other stories you might like