Harris Federation disables students' emails following ransomware attack
The "temporary" move has left 37,000 students unable to access their correspondence and coursework
Students at London-based Harris Federation schools have been cut off from their email accounts after the trust became the latest educational institution to fall victim to a ransomware attack.
The incident, which took place over the weekend, comes just days after the University of Northampton fell victim to a cyber attack and follows a worrying trend of hackers targeting educational institutions and disrupting student learning, which has already been heavily affected by the coronavirus pandemic.
The Harris Federation has been forced to “temporarily” disable its email systems and devices of all of the 50 primary and secondary academies that it manages, leaving 37,000 students unable to access their correspondence and coursework.
The academy trust said that the steps were necessary to mitigate the impact of a ransomware attack that encrypted the data on the schools’ IT systems.
It also added that it is “using the services of a specialised firm of cyber technology consultants” as well as “working closely with the National Crime Agency and the National Cyber Security Centre”. Details of the ransom are not publicly available and the trust was not immediately available for additional comment.
In the past five weeks alone, hackers have targeted the University of Northampton as well as Oxford University’s Division of Structural Biology. The recent increase in cyber attacks on educational institutions has prompted the National Cyber Security Centre (NCSC) to issue an alert urging organisations to follow its guidance on ‘Mitigating malware and ransomware.’
NCSC director of operations Paul Chichester labelled the targeting of the education sector by cyber criminals as “completely unacceptable”.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
“This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted.
“We are committed to ensuring the UK education sector is resilient against cyber threats, and have published practical resources to help establishments improve their cyber security and response to cyber incidents.”
Commenting on the Harris Federation ransomware attack, Ilia Kolochenko, CEO of security company ImmuniWeb said that, “unlike large universities, which can afford spending considerable budgets on cybersecurity, primary schools often struggle to get budgets even for the very foundational security controls, let alone advance cyber defense solutions”.
“Worse, such victims commonly have no choice but to pay the ransom from modest school funds, leaving no money for other activities,” he added.
Kolochenko urged the UK government to "urgently intervene with cyber training, financial and technical support in the UK educational sector”.
“For example, when buying security software, a volume-discount for all schools in the UK could be huge and make even premium security products affordable. Importantly, cyber police units are also deprived of sufficient funding proportional to surging and sophisticated cybercrime.
"Law enforcement agencies require undelayed financial support to attract new professionals, align forensic capacities with modern cyber threats and perform educational support and awareness among future victims.”
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.
-
ITPro is 20!We take a look back on the past two decades since ITPro launched...
-
Cyber experts issue alert after two ransomware groups team up on ‘unprecedented’ threat campaignNews The tie-up includes a new model of industrialized ransomware deployment that significantly lowers the barrier to entry for cyber crime
-
‘Every hour ransomware goes undetected drastically increases its potential blast radius’: Hackers are breaching networks and laying low for longer – and nearly half of firms don’t realize until data is stolenNews An ExtraHop survey found more intrusions are going undetected, leading to longer dwell times
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recoveryNews Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes