Harris Federation disables students' emails following ransomware attack

The "temporary" move has left 37,000 students unable to access their correspondence and coursework

Email symbols with padlock against dark background

Students at London-based Harris Federation schools have been cut off from their email accounts after the trust became the latest educational institution to fall victim to a ransomware attack.

The incident, which took place over the weekend, comes just days after the University of Northampton fell victim to a cyber attack and follows a worrying trend of hackers targeting educational institutions and disrupting student learning, which has already been heavily affected by the coronavirus pandemic.

The Harris Federation has been forced to “temporarily” disable its email systems and devices of all of the 50 primary and secondary academies that it manages, leaving 37,000 students unable to access their correspondence and coursework.

The academy trust said that the steps were necessary to mitigate the impact of a ransomware attack that encrypted the data on the schools’ IT systems.

It also added that it is “using the services of a specialised firm of cyber technology consultants” as well as “working closely with the National Crime Agency and the National Cyber Security Centre”. Details of the ransom are not publicly available and the trust was not immediately available for additional comment.

In the past five weeks alone, hackers have targeted the University of Northampton as well as Oxford University’s Division of Structural Biology. The recent increase in cyber attacks on educational institutions has prompted the National Cyber Security Centre (NCSC) to issue an alert urging organisations to follow its guidance on ‘Mitigating malware and ransomware.’

NCSC director of operations Paul Chichester labelled the targeting of the education sector by cyber criminals as “completely unacceptable”.

“This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted.

“We are committed to ensuring the UK education sector is resilient against cyber threats, and have published practical resources to help establishments improve their cyber security and response to cyber incidents.”

Commenting on the Harris Federation ransomware attack, Ilia Kolochenko, CEO of security company ImmuniWeb said that, “unlike large universities, which can afford spending considerable budgets on cybersecurity, primary schools often struggle to get budgets even for the very foundational security controls, let alone advance cyber defense solutions”.

“Worse, such victims commonly have no choice but to pay the ransom from modest school funds, leaving no money for other activities,” he added.

Kolochenko urged the UK government to "urgently intervene with cyber training, financial and technical support in the UK educational sector”. 

“For example, when buying security software, a volume-discount for all schools in the UK could be huge and make even premium security products affordable. Importantly, cyber police units are also deprived of sufficient funding proportional to surging and sophisticated cybercrime.

"Law enforcement agencies require undelayed financial support to attract new professionals, align forensic capacities with modern cyber threats and perform educational support and awareness among future victims.”

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Hackers used SonicWall zero-day flaw to plant ransomware
ransomware

Hackers used SonicWall zero-day flaw to plant ransomware

30 Apr 2021
How can you protect your business from crypto-ransomware?
Security

How can you protect your business from crypto-ransomware?

20 Apr 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

9 Apr 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021