As of late May/June 2021, the National Cyber Security Centre (NCSC) is investigating another increase in ransomware attacks against schools, colleges and universities in the UK. The NCSC has previously highlighted an increase in ransomware attacks on the UK education sector during August/September 2020 and again in February 2021.
Ransomware remains one of the most prevalent cyber threats to the UK. The impact of a ransomware attack on an organisation can be devastating.
The NCSC emphasises again the need for organisations in the sector to protect their networks to prevent ransomware attacks and urges all organisations to follow NCSC guidance on ‘Mitigating malware and ransomware.’ This advice details a number of steps organisations can take to disrupt ransomware attack vectors and enable effective recovery from ransomware attacks.
The NCSC is also encouraging organisations in the UK education sector to sign up to their Early Warning service. This free NCSC service uses a range of information feeds to notify organisations of malicious activity on submitted domains and IPs. More information, including how to sign up, is on NCSC website at ncsc.gov.uk/earlywarning
The NCSC Alert is available at https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector. The alert was first issued by NCSC on 17 September 2020 and has been updated with additional information and advice following further ransomware attacks on the UK education sector during May and June 2021.
The NCSC has also produced a number of practical resources to help schools and other educational institutions improve their cyber security. More cyber security advice and guidance can be found at www.ncsc.gov.uk
You can report suspicious emails by forwarding the original message to the Suspicious Email Reporting Service (SERS) at [email protected] If you receive a suspicious text you can forward this to 7726 which spells SPAM on your phone keypad.
If you have been a victim of crime, and it is not an ongoing emergency, you can report this to Police Scotland on 101. For all emergency calls, dial 999.
Related content
Phishing is a cybercrime in which a target or targets are contacted through email, by someone posing as a legitimate organisation to lure individuals and companies into providing sensitive data. A form of phishing is quishing, which uses QR codes to lure you to nefarious websites. As with any type of phishing, the best defence against quishing attacks is to be aware of the threat.
Alert: Emerging crime trend where criminals are pretending to be from your bank’s fraud team.
Criminals have taken advantage of the unregulated nature of cryptocurrencies to scam consumers.