A secondary school in Derbyshire, who we shall anonymise, has become one of many schools to be targeted by cybercriminals just as the National Cyber Security Centre warn that "appropriate security measures" should be in place to defend against any threats and prevent disruption.

While there is no indication of an increased threat ahead of schools going back this week, the start of a new term means the impact of any attack could be more keenly felt than at other times of year.

And that was the case for one school in Derbyshire, who were about to welcome back students after the summer holidays.

In a public letter to parents and guardians, posted on the school’s website, the Headtacher wrote on August 24:

“We have been made aware of a cyber-attack which has affected the server at the school and in turn the school IT systems.

I have contacted our Data Protection Officer and have reported the incident as a potential data breach to the ICO, in line with statutory requirements of the Data Protection Act 2018 / GDPR.

This incident is being investigated by the relevant authorities and the school has taken immediate remedial action to limit data loss and restore systems.

We are unsure at this moment if personal data pertaining to students, parents and staff has been compromised but I would rather err on the side of caution, hence this announcement to you all, and I invite you to take any measures you feel necessary to safeguard yourselves.

It will become clearer to us as the investigation progresses as to what has happened, how it happened and what data has been compromised. I will continue to work with you to inform you of any developments as soon as I can. For now, my only method of communicating with parents and carers is using our website and social media pages. We unfortunately have no access to our phone or email systems at this time.

The National Cyber Security Centre, which is part of GCHQ, has previously warned of an increase in ransomware attacks affecting the education sector.

This is when criminals gain access to a victim's network to plant malicious software designed to block access to a computer system until money is paid.

According to a threat report by cybersecurity company SonicWall, overall ransomware attacks slumped to a four-year low during the first quarter of 2023 but have been steadily on the rise since then. You can read the full story via Sky News.

In an updated post on September 4th, the school’s Headteacher continued:

“We look forward to welcoming the children back to school on Tuesday, September 5. We have restored and repaired the majority of our critical computer systems and have robust contingency plans in place in the absence of others to ensure all children are safeguarded and we can get students through the cafeteria as normal.

All staff have been working very hard to prepare for business as usual and also to prepare engaging and challenging lessons where modern technology isn’t working. This has been a difficult few weeks but the team look forward to welcoming the children back and re-establishing our routines and taking on a fresh challenge!”

Last September, just weeks into the new term, six schools in the same academy trust in Hertfordshire had their internal systems brought down by a cyberattack.

And on September 1st this year, a school in Suffolk saw a hack take all of its computer facilities taken offline, leaving technicians scrambling to restore them before term starts.

The truth of the matter is that schools are vulnerable due to limited budgets and spending priorities meaning cyber defences may be lacking.

But basic digital hygiene should not be ignored; it can help protect important data, and can be as simple as setting up two-factor authentication when logging into a school account and keeping computers and their software up to date.

Students and teachers should also be regularly reminded of how to stay safe, including the importance of strong passwords, avoiding suspicious downloads, and recognising phishing attempts in emails.

For more information, request our free information pack, and if you’re concerned about the cyber stance of your school, contact us.

Further reading...

We've written multiple blogs on cyber attacks and criminal activity on schools, colleges and universities. Have a browse through past blogs here.

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).