NCSC Alert: Education Targeted by Ransomware Attacks

The National Centre for Cyber Security recently published an alert for those responsible for IT and Data Protection in education. The alert brings to light an investigation into an increase in ransomware attacks affecting the UK education sector including schools, colleges and universities. 

Resources for schools: 

1. Cyber security best practice blogs: 

• How to Improve Your School’s Security Posture Using Security Frameworks and Annual Testing
• Why Schools Should Worry About Ransomware
• Protecting Your School from Cyber Threats Facing Distance Learning
• Cyber Security in Schools: Event Log Monitoring
• Cyber Security in Schools: User Privileges, Passwords and the Human Firewall!

2. Cyber security webinars:

• Webinar - Cyber Crime in Schools - Presented by Ian Hickling, Cyber Protect Office at the East Midlands Special Operations Unit.
• Webinar - Security Tips for Remote and Mobile Working

It is also recommended by the NCSC that you run regular incident drills, where you plan and rehearse ransomware scenarios in the event that your defences are breached. The new 9ine App makes managing incidents simpler and quicker with a proven Incident Management framework and visual representation of risk, specifically designed for the education sector. 

Register for a free 14-day trial of the 9ine App and start your incident drill now!

Reports of phishing emails are on the rise. Be vigilant!

Here at 9ine, our team has also observed a sharp increase in the number of schools being targeted with phishing emails. It’s important that you train staff and students about cyber security best practices including how to recognise a suspicious email and what to do and don’t do when someone is targeted. Here’s a quick reminder of what you should do now to help protect your school.

1. Ensure all members of the school community understand that they are at greater risk of attack given the current circumstances. Ensure a risk assessment of your IT Systems has been completed to ensure adequate security defences are in place. If you need support in completing this, 9ine have developed a Systems & Security Business Continuity framework that schools can access. We can also provide support in the instance of a potential incident. 
2. Have in place an incident management plan specifically tailored for a potential cyber security breach. This includes steps to identify the origin of the incident (your own systems, someone else’s or open source intelligence).
3. Strongly consider implementing protections, such as two-factor authentication, for those individuals who have access to or process personal data that if disclosed, would have a significant impact.

For more resources and information about 9ine’s Security and Systems services and to discover how you can use 9ine’s Incident Management software to help you manage an incident from incident triage to lessons learnt talk to a 9ine expert today. 

ABOUT THE AUTHOR:

Mark Orchison is Founder and Managing Director of 9ine. He is an experienced management consultant with expertise in data protection, cyber security, technology, project and programme management in education. Mark began his career with Sun Microsystems before moving into management consultancy, where he was the technical consultancy lead for overseeing technology systems for new build schools. Since 2009, Mark has led 9ine in becoming the leading independent K-12 technology and compliance consultancy in the UK. Mark now leads a team of twenty multi-disciplinary and specialist consultants in-house, with a client base expanding across Africa, Middle-East, Russia, India, Asia and the Americas.

---

 

Share this blog

 

  

 

 Topic