Last month, when hackers targeted UK nursery schools and leaked child data online, they faced accusations of reaching a new low.
Nonetheless, the wider education sector is more familiar with being a target.
As per the British Government Survey, educational institutions are at a higher risk of cyberattacks or security breaches than private businesses.
Over the past year, six out of ten middle schools have experienced attacks or breaches, while more than 80% of universities and 90% of higher education institutions have faced similar issues. In contrast, only four out of ten companies reported violations or breaches, a statistic comparable to elementary schools.
Toby Lewis, global threat analysis director at cybersecurity firm Darktrace, notes that the UK education sector isn’t necessarily a specific target. “They are caught in the dragnet of cybercrime,” he explained, mentioning the “element of randomness and opportunism” involved in cybercrime victim selection.
Last week, the BBC highlighted that Kido, a nursery business targeted by hacking groups identified as Shinekase, had its system compromised after “early access brokers” sold access to Kido’s system, a scenario common in cybercrime circles.
Data from the annual Cybersecurity Violation Survey is derived from over 30 higher education institutions, almost 300 secondary and elementary schools in the UK, and various universities. The survey defines a cyberattack as an “attempt” to breach a target IT system, which includes sending “phishing” emails designed to deceive recipients into disclosing sensitive information, such as passwords.
Phishing emails constitute the most prevalent type of attacks on universities and schools.
Ransomware attacks have become widely recognized forms of cybercrime in the UK, wherein attackers encrypt IT systems to steal data and demand Bitcoin payments for decryption and the return of data.
The West Lothian Council’s education network has encountered ransomware attacks this year, resulting in data being obtained from several schools, with recent attacks also reported at Newcastle University, Manchester University, and Wolverhampton University.
Lewis suggests that state schools might be more susceptible due to funding pressures and a lack of expertise, while universities also face risks because they contain thousands of young students who may not be cybersecurity-savvy, along with computer networks designed to facilitate academic collaboration.
Colleges appear to be a favored target, and higher education institutions are reportedly the most frequently affected, with three in ten experiencing violations or attacks weekly, according to government data. Nonetheless, the education sector may be more conscious of government initiatives on cybercrime prevention than businesses and charities.
Pepe Dilacio, general secretary of the British Schools Association and the Association of University Leaders, remarked that ransomware attacks pose a “major risk” and emphasized the ongoing efforts to safeguard systems and data.
James Bowen, assistant secretary at the National Association of Principals, welcomed additional government funding to assist school leaders in identifying and responding to cyber threats.
The Ministry of Education stated that the school’s support includes a dedicated team to handle cyber incidents and collaborate closely with the UK’s National Cybersecurity Centre to provide complimentary training for school staff. “We take cybersecurity in schools seriously and understand the significant disruption attacks can cause, and we offer a wide range of support to schools,” said a spokesperson.
Following backlash from the hack, Kido hackers have deleted data obtained from the company, including child profiles.
However, government data indicates that the education sector continues to be a target. Ministers are preparing schools, the NHS, and local councils to potentially pay ransoms under government proposals aimed at combating hackers. In the meantime, attacks continue.
Source: www.theguardian.com
