Schools Forced to Shut Following Critical Ransomware Attack

Two schools in the south of England have been forced to temporarily close their doors after a ransomware attack that encrypted and stole sensitive data.

The Skinners' Kent Academy and Skinners' Kent Primary School were attacked on June 2, according to a statement on the trust’s website which said it is currently working with third-party security experts, the police and the National Cyber Security Centre (NCSC).

It revealed that on-premises servers were targeted at the Tunbridge Well-based schools. As student and staff emergency contact details, medical records, timetables and registers were encrypted by the attackers, the decision was taken to close on Monday.

“Data stolen includes: a wealth of teaching resources, school trip information, policies, human resources files and a significant amount of staff data, some student data including medical information and data pertaining to our iPad scheme,” an FAQ statement noted.

“Data encrypted (and therefore not accessible to the school anymore) includes our management information system, which contains the bulk of contact details for parents. Therefore, it is the latter that we have had to ask parents to re-submit to the trust.”

Students and parents have been advised to change any passwords, and parents have been told to inform their bank that account information may have been taken.

“The details of bank accounts may have been accessed through details taken for the iPad scheme for example,” the trust said.

The news comes just days after the NCSC warned of a surge in ransomware attacks on the UK’s education sector.  It claimed that phishing, RDP hijacking, and targeting vulnerabilities in VPNs and other systems were the primary attack vectors.

“As a result of the pandemic, schools have shifted to remote and hybrid learning, leading to an increase in the types of devices accessing the school’s cloud-based servers to attend classes and complete schoolwork,” argued Lookout security engineer, Burak Agca.

“A lack of visibility and a high degree of fragmentation in operating system platforms and device types introduces several security gaps and risks which schools have been struggling to deal with."

What’s Hot on Infosecurity Magazine?