Ransomware Attacks in Schools

Schools across the country have increasing fallen victim to ransomware attacks following information recently provided by Action Fraud.  Security providers are reminding their education customers to remain alert and to make sure they are up to date with all available patches and software updates.

Ransomware is attacking schools

It appears that the cybercriminals are cold calling Schools, Universities or other Education organisations, the cybercriminals claim that they are from the “Department of Education” although the actual name of the body is the “Department for Education”.

Fraudsters are calling the schools directly and asking for the best contact number or email address for the head teacher or financial controller, explaining that they need to send them guidance forms such as mental health assessments or exam guidance which are all strictly confidential.

On the emails that the fraudsters send out there is a particular zip file attached which is masked to be seen as a Microsoft file, for example Word or Excel document, within these files contains the ransomware which the demands for recover your files could cost up to £8,000.

Action Fraud advises that schools do not attempt to click on the links or open any attachments from unsolicited emails. Schools are also urged to install any software updates as soon as they become available to them.

ransomware file

It is inevitable that these attacks are only to increase in the near future.  Many schools and universities are under pressure with IT budgets and at the same time if they are hanging onto legacy hardware then this could end up comprising security and ultimately costing a small fortune.  Anyone can be defrauded, so our advice to is stick with the people you know best and never give out any information to an unverified source that you are sure about.  Make sure you routinely update and audit all off your hardware and software including, Anti-Virus and Firewalls.

ServerLink takes security very seriously and has partnered with some of the major players in the industry such as Symantec, MacAfee as well email continuity partners such as Mimecast which offer plugins to specially identify and block these type of potential threats from even reaching your inbox.