It has been reported that the UK’s leading cybersecurity authority has updated its guidance on ransomware following a spate of attacks on the education sector. GCHQ spin-off, the National Cyber Security Centre (NCSC), said it was investigating another rise in threats targeting schools, universities, and colleges.“Ransomware attacks can have a devastating impact on organizations, with victims requiring a significant amount of recovery time to reinstate critical services. These events can also be high profile in nature, with wide public and media interest,” the NCSC said. “In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records as well as data relating to COVID-19 testing.
<p>Academic institutions have been a prime target for cybercriminals, throughout the pandemic, with ransomware posing a particularly high level of risk. Since March of 2020, institutions have had to make a sudden shift to remote learning model with both staff and students having to navigate new ways of learning and communicating. Many students using online learning for the first time are particularly vulnerable because it can be harder for them to differentiate between legitimate messages and phishing attacks. Educational institutions should offer support and training to their staff and students, and make it a prerequisite to getting access to devices and online systems. It is only through security awareness training that students and staff can make better informed decisions. Institutions should also implement two-factor authentication to reduce the risk of accounts being taken over through compromised credentials obtain on the dark web.</p>