Over the course of the 20/21 academic year, persistent cyber attacks against schools and colleges led to the National Cyber Security Centre (NCSC) having to issue a specific cyber security alert, encouraging education leaders to take swift action.
In April 2021, the NCSC launched resources to help improve cyber resilience for schools to reduce the impacts of the loss of money, coursework and access to essential work systems, sometimes for many weeks. A further alert was also published as ransomware attacks against the education sector escalated, resulting in a recommendation by the NCSC that schools take a ‘defence in depth’ strategy to prevent and mitigate cyber-attacks.
The NCSC hotline has received over 13 million reported scams for the year to date by the end of July 2022, which shows that the problem is not going away. Scammers are becoming more sophisticated with their techniques on websites, email (phishing), and SMS text messaging (smishing).
Pinch Points = Scam Opportunity
Of course, cybercriminals design their scams based on fear and opportunity. So, with the current energy crisis adding to financial pressures for UK homes and businesses – including schools and colleges – there is a worry for further increases in specific phishing attacks.
As a leading UK cyber security distributor with a sizeable customer base within education using our technology, we are urging schools to ensure that they are fully prepared for this escalation.
One part of the protective solution is technology – having the relevant hardware and software in place to minimise the opportunity for attacks. But, just as essential is a programme of ongoing education for employees, including teaching staff and administrators within schools, colleges and academies.
Understanding what to look for with phishing scams and how to deal with them is key to developing a more robust and holistic approach to cyber security throughout your organisation.
Earlier this year, we launched Cyber Education – an ongoing programme that develops awareness and resilience for team members that could be targeted. Designed and priced specifically for schools, Cyber Education allows the governance of schools and colleges to adhere to guidelines set down by the NCSC. Furthermore, and probably more critical, it teaches your team to help minimise cyber attacks and the potential fallout that may follow.
Darran Clare, head of business development at Cyber Distribution commented: