Security Breach: The Dark Tale of a School Hacked

Stories about fraudsters targeting UK schools and demanding payments of up to £8,000 to unlock data they have encrypted with malware (malicious software) seem to be never-ending. These potential criminals initially cold-call schools claiming to be from the Department for Education. Once they have the email addresses they require, they forward documents to those addresses with file-freezing malware, also known as ransomware.

But are these just scary stories to make sure we are aware and ready for any such an attack? These are not just hypothetical situations: such stories are based on real-life situations.

A headmaster recently wrote a heartfelt blog about an experience they wanted to share with others to help in such a situation. Without mentioning the person or school, here is a small piece of a very dark tale:

“Even though I have read about the consequences of a ransomware attack, I was fully confident that our systems were backed up and secure. Our computers were on a single network, and our staff operated on their own mobile devices. There was never a call for any concern from any member of the team, and it was merely a case of making sure passwords were updated and that computers were locked when not in use. I was content and happy with our general set up.

“What I did not expect was a seemingly innocent sales call from a company, allegedly representing the Department for Education, stating that they needed to update email address profiles and settings for leading staff. With GDPR high on the agenda, I thought nothing of this, merely looking to make sure we didn’t fall short on any laws governing the GDPR process over kept data.

“After the pleasant call, my staff and I received a few emails confirming our details and the manner and nature of the call, all seemed perfectly legitimate, and there was no hesitation in clicking on a link to verify our updated details to make sure we did not fall afoul of GDPR law. However, we instantly found out it was a scam, and within a flash, we were under cyberattack.

“The resulting days were the toughest in my years in education. Finally admitting that there was nothing we could do to unlock all the data in our classroom and staffroom computers, and crippled by the embarrassment, I agreed to pay from my own money to release the blocked data.”


How can Academia help stop ransomware attacks?

Prevention is the best defence. We recommend you set up your security settings to prevent it in the first place. We partner with Sophos to offer security-first software and hardware solutions, drawing from over 30 years of experience in IT security. Speak to us today to learn about the services we can provide your education organisation or facility on or call 01992 703 900.

Tips, resources, and advice for remote learning Find out more