
Recent Posts
Fraud Alert – Schools targeted with Ransomware

Originally posted on 23 January 2017
As I'm sure many of you will have seen, Action Fraud have published an alert after schools across the country have fallen victim to cyber criminals who have targeted schools in a widespread "ransomware" attack. Although it has so far predominantly been state schools who have been targeted in this particular attack, I wanted to make sure all my contacts at Independent Schools were aware of what is happening, and the best ways to mitigate the risk from these types of threats, as it seems that schools are the latest perceived "soft target" for these money making cyber criminals.
For those who aren't aware, ransomware is a form of malicious software (malware), which effectively hijacks your school's data by encrypting it, rendering it unusable by staff and pupils. The cyber criminals then demand payment of a ransom in order to provide the security key needed to decrypt your data. In the recent attack on schools this ransom has been up to £8000, but can be even higher, with some UK organisations who experienced these type of attacks last year being presented with demands in excess of £35,000!
Schools are not alone, as research conducted in June 2016 by Ostermann Research showed that 54% of organisations in the UK had experienced ransomware attacks during the previous 12 months, and, somewhat worryingly, 58% opted to pay the ransom, which would seem to suggest that the risks around such an attack had not been fully assessed or planned for, and contrasts sharply with data from the US where only 3% of victims paid the ransom.
So what should Independent Schools be doing to protect themselves?
Having good system backups, which are stored off-line so that they cannot also be encrypted, is, of course vital. But having to carry out a full scale disaster recovery of the school's ICT systems should really form the last line of defence. This is something I will talk about in future articles in more detail, but it is certainly not something to be undertaken lightly; it can be highly disruptive to the school's operations and indeed, without proper preparation, there is no guarantee of total success.
Unfortunately there isn't a piece of software or a firewall rule that will completely stop these sorts of attacks. Prevention really requires a blend of policies, staff training, plans and technologies to form a cohesive defence strategy for the school. Some of the steps we typically take with the schools who we work with include:
• Reviewing their current systems to identify risks and vulnerabilities.
• Working closely with the senior leadership team to define and implement a risk mitigation plan to address any vulnerabilities identified.
• Implementing a suite of technical measures, which may include hardware, software, cloud technologies and security policies to protect the schools data.
• Training and educating staff, particularly as these type of threats often get into a school through someone clicking on a bogus link or attachment.
• Devising, implementing and testing contingency plans including disaster recovery plans, frequent data backups, security incident response plans and emergency operating procedures.
Unfortunately whilst ransomware is generating such a healthy income for cyber criminals, I think it is only likely to become more prevalent, so it is best to be prepared.
Interested in finding out more about how entrustIT could help keep your school secure? Download our FREE White Paper >>
Subscribe here!
Recent Posts
Posts by tag
- technology (125)
- Security (104)
- cyber security (93)
- IT Security (90)
- Microsoft 365 (67)
- Cloud (66)
- Managed Service (65)
- modern technology (65)
- business (61)
- cloud computing (60)
- IT support (59)
- cyber attack (59)
- cloud it (55)
- microsoft (54)
- workplace (54)
- Microsoft Teams (53)
- cybersecurity (51)
- Working from home (50)
- productivity (49)
- office (46)
- office 365 (44)
- IT (42)
- Password Security (40)
- employees (39)
- entrustit (39)
- Uncategorised (38)
- flexible work (37)
- Remote (33)
- efficiency (31)
- Cyber (30)
- Hosted Workspace (30)
- hosted desktop (30)
- schools (29)
- independent schools (28)
- cyber privacy (27)
- school ict (27)
- collaboration (26)
- email security (26)
- it support bournemouth (26)
- 2023 (25)
- public cloud (24)
- computing (23)
- it support dorset (22)
- password (20)
- entrust (19)
- it support hampshire (19)
- passwords (19)
- hosted applications (18)
- VoIP (17)
- cloud voip (17)
- covid19 (17)
- hacking (17)
- private cloud (17)
- data (16)
- it support southampton (16)
- teamwork (16)
- Coronavirus (15)
- it consultancy bournemouth (15)
- msp (15)
- ransomware (15)
- GDPR (14)
- IT audit (14)
- cloud cctv (14)
- hackers (14)
- it consultancy (14)
- office 365 support (14)
- Protection (13)
- cctv (13)
- covid-19 (13)
- hack (13)
- internet (13)
- it consultancy hampshire (13)
- it support winchester (13)
- management (13)
- network (13)
- Hosted Desktop and Applications (12)
- Windows Virtual Desktop (12)
- hardware (12)
- hybrid cloud (12)
- internet safety (12)
- it consultancy dorset (12)
- it consultancy southampton (12)
- 2020 (11)
- 2022 (11)
- IT costs (11)
- Microsoft Planner (11)
- windows 10 (11)
- data breach (10)
- phishing (10)
- vulnerabilities (10)
- windows (10)
- Backup (9)
- awards (9)
- bitwarden (9)
- digital (9)
- telephony (9)
- attack (8)
- communication (8)
- desk phone (8)
- education (8)
- eu (8)
- partnership (8)
- planning (8)
- software (8)
- staff (8)
- uk (8)
- usecure (8)
- Bournemouth (7)
- Google (7)
- Hampshire (7)
- IT Director (7)
- OneDrive (7)
- cloud storage (7)
- infrastructure (7)
- mobile (7)
- offsite backup (7)
- outsource (7)
- 2019 (6)
- Apple (6)
- Dorset (6)
- News (6)
- Skype for Business (6)
- apps (6)
- architect (6)
- child protection (6)
- european union (6)
- hacks (6)
- legal (6)
- legal it (6)
- mobile phones (6)
- onsite backup (6)
- password manager (6)
- remote desktop service (6)
- resources (6)
- virus (6)
- 3d design desktop (5)
- Azure (5)
- Case Studies (5)
- Desktop (5)
- ISO (5)
- Microsoft Copilot (5)
- Risk assessment (5)
- Windows 7 (5)
- artificial intelligence (5)
- award winning (5)
- brexit (5)
- designer (5)
- personal data (5)
- smartphone (5)
- surrey (5)
- website (5)
- AI (4)
- Access Management (4)
- Attacks (4)
- BYOD (4)
- Facebook (4)
- Government (4)
- Microsoft Forms (4)
- SharePoint (4)
- Thames Valley Tech & Innovation Awards (4)
- VPN (4)
- WannaCry (4)
- internet of things (4)
- ios (4)
- law (4)
- legacy (4)
- proactive (4)
- remote learning (4)
- 2021 (3)
- 2024 (3)
- ChatGPT (3)
- Cyber Essentials (3)
- Cyber Essentials Plus (3)
- DR (3)
- DR planning (3)
- General (3)
- Google Drive (3)
- Help (3)
- IP (3)
- Local (3)
- NHS (3)
- New Forest (3)
- The Business Magazine (3)
- Tiva (3)
- Zoom (3)
- award (3)
- big switch off (3)
- budgets (3)
- citrix (3)
- closed cloud (3)
- computer performance (3)
- copilot (3)
- copilot pro (3)
- ddos (3)
- digital hub (3)
- disaster recovery (3)
- guide (3)
- innovation (3)
- instagram (3)
- london (3)
- meetings (3)
- sme (3)
- sophos (3)
- storage (3)
- teaching (3)
- trump (3)
- twitter (3)
- united kingdom (3)
- wireless internet bournemouth (3)
- 2016 (2)
- 2018 (2)
- AI CCTV (2)
- Bourne Group (2)
- Burhill (2)
- Burhill Group (2)
- CAD (2)
- Dorset Chamber (2)
- EDR (2)
- Environment (2)
- Firewall (2)
- GPT-4 (2)
- Gen Z (2)
- ISBA (2)
- Macs (2)
- Microsoft Autopilot (2)
- Mr Mulligans (2)
- Multi-Site Business (2)
- PaaS (2)
- Privacy Shield (2)
- Sydenhams (2)
- Tech Company of the Year (2)
- Tech Growth (2)
- Thames Valley (2)
- acquisition (2)
- afc bournemouth (2)
- afcb (2)
- android (2)
- bcs (2)
- berkshire (2)
- blockchain (2)
- broadband (2)
- camcloud (2)
- cryptocurrency (2)
- digital transformation (2)
- downtime (2)
- dropbox (2)
- east grinstead (2)
- exhibition (2)
- finalist (2)
- legalex (2)
- macos (2)
- online meetings (2)
- organisation (2)
- paypal (2)
- predictions (2)
- president (2)
- serval systems (2)
- solent (2)
- strategy (2)
- us (2)
- video conferencing tools (2)
- windows 11 (2)
- 1998 (1)
- 5G (1)
- AMD (1)
- ARM (1)
- Abbey Hill (1)
- Aldwickbury Park (1)
- BBC (1)
- BGL Company (1)
- BUNKERS! (1)
- Birchwood Park (1)
- Burnout (1)
- CEO (1)
- Central South Business Awards (1)
- Cloud VMS (1)
- Cloudtango (1)
- Fourth Industrial Revolution (1)
- Go Integrator (1)
- Growth 100 (1)
- Harvey Jones Kitchens (1)
- High Growth (1)
- Hoebridge (1)
- Ignite 2018 (1)
- Ignite 2020 (1)
- Intune (1)
- LLM (1)
- Leaders (1)
- Loop (1)
- M&A (1)
- MDR (1)
- MFA (1)
- MSP Select 2024 (1)
- Market (1)
- May (1)
- Multi Factor Authentication (1)
- MyAnalytics (1)
- Ninja Warrior UK (1)
- PBX (1)
- PM (1)
- Power BI (1)
- Ramsdale Park (1)
- Redbourn (1)
- Regulation (1)
- Reid Steel (1)
- South Coast Tech & Innovation Awards (1)
- Surrey Business Awards (1)
- Thornbury (1)
- WCry (1)
- WannaCrypt (1)
- Wifi (1)
- Wycombe Heights (1)
- XDR (1)
- ashley madison (1)
- b2b (1)
- bandwidth (1)
- battersea (1)
- beach (1)
- big data (1)
- bloatware (1)
- brand (1)
- builders merchant (1)
- business growth (1)
- cambridge analytica (1)
- canada (1)
- cia (1)
- clinton (1)
- cnn (1)
- co op (1)
- compliance (1)
- copyright (1)
- dark web (1)
- defence (1)
- dkim (1)
- dmarc (1)
- dns (1)
- donald (1)
- dyn (1)
- eagle eye networks (1)
- election (1)
- equality (1)
- executive order (1)
- farnham (1)
- fax (1)
- football (1)
- gchq (1)
- grinstead (1)
- intel (1)
- intelligence (1)
- iot (1)
- josh widdicombe (1)
- knights of old (1)
- landmarks (1)
- learning (1)
- legal technology forum (1)
- machine learning (1)
- meltdown (1)
- millennials (1)
- mimecast (1)
- mirai (1)
- modern work (1)
- no-deal (1)
- number plate detection (1)
- onsite (1)
- paper (1)
- patisserie valerie (1)
- performance reviews (1)
- pound (1)
- premier league (1)
- private equity (1)
- procrastination (1)
- reading (1)
- recruitment (1)
- research (1)
- samsic (1)
- sharefile (1)
- smishing (1)
- snowden (1)
- solent business awards (1)
- solentBA (1)
- spectre (1)
- spf (1)
- sterling (1)
- storm (1)
- talktalk (1)
- trumppresident (1)
- ukitawards (1)
- united states (1)
- usa (1)
- vault 7 (1)
- vitality stadium (1)
- whatsapp (1)
- white (1)
- white house (1)
- wikileaks (1)
- wireless internet southampton (1)
- women in business (1)
- xiongmai (1)
- year (1)
- zero touch deployment (1)
- zero-trust (1)