NCSC offers free training to schools after rise in cyber attacks

published 22 April 2021

The National Security Cyber Centre (NCSC) is offering free cyber security training for schools in an effort to confront a recent rise in the number of attacks against the sector.

The training package is a scripted powerpoint presentation that offers school staff four steps for building basic cyber security safeguards, including how to defend against phishing attempts, the effective use of passwords, and how to properly secure devices.

Harris Federation disables students' emails following ransomware attack Evidence suggests REvil behind Harris Federation ransomware attack University of Hertfordshire's entire IT system offline after cyber attack

The powerpoint presentation can be downloaded from the NCSC website and covers topics like the actors behind cyber attacks, cyber threats from outside or inside schools and provides statistics on school cyber resilience. It is designed to be accessible by any staff member, regardless of their technical knowledge, and once it has been completed they can download a certificate.

The training also covers a number of real-life case studies, and references the 'have i been pwned' database, which alerts users when their details have been published online by hackers.

The move follows last month's updated alert from the NCSC, which warned of a “significant increase” in the number of ransomware attacks against educational institutions, many of which lack the resources to invest in cyber security.

“It is vital that schools have robust cyber security in place, and these new resources and training will help staff to increase protection from attacks,” said Schools Minister Nick Gibb.

Just last month, a ransomware attack forced the Harris Federation to temporarily disable access to its central email system and network-attached devices, leaving 37,000 students across 50 primary and secondary academies throughout London unable to access their coursework or messages.

It's thought the ransomware gang REvil was behind the cyber attack, after the trust's financial records were published on a dark web forum known to be associated with the group.

At the beginning of March, 15 schools across Nottinghamshire also had to shut down their IT networks after the Nova Education Trust was hit by a cyber attack. Schools were unable to access emails or their websites and were not able to conduct lessons remotely.

Attacks against universities are also on the rise - an attack on the University of Hertfordshire last week knocked its entire IT network offline, blocking access to each one of its cloud-based services. This included its Wi-Fi network, student record portal, and email system for both staff and students. Online teaching was also cancelled as a result.

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.