Hackers target Cambridge Meridian Academies Trust which runs Stamford Welland Academy and Bluecoat Primary with ransomware attack
An academy trust with schools in Stamford has been targeted by hackers.
Cambridge Meridian Academies Trust confirmed its systems came under cyber attack and has reported the matter to the government.
The trust includes Stamford Welland Academy and Bluecoat Primary School, as well as schools in the Cambridgeshire area.
It fell victim to the growing threat of ransomware – a type of malware that prevents you accessing your computer, or data stored on it. Often, hackers use this form of attack to demand payment to enable users to get back into their systems, although the academy trust did not confirm if this was the case here.
A spokesman for the trust said: “Our IT team identified ransomware within our network on Friday, March 12 and we acted quickly to keep any disruption to a minimum for our students and staff.
“After a weekend of hard work, all our schools opened as normal on Monday (March 15): core services are either back online already or will be fully restored over the next few days.
“This matter has been reported to the government’s National Cyber Security Centre as is routine in this situation. We do not believe that any sensitive or personal information has been accessed. Parents and students should check their school’s website for further details.”
Trust devices, including administrative desktop computers, students’ desktops, staff and student laptops, have been handed over for checking and rebuilding. It is thought that the attack resulted from a phishing email.
Pupils have been unable to access their emails since the attack, with some asked to check that they have coursework backed up.
ICT classrooms have not been in use and are likely to be out of action until next week at the earliest.
Pupils had only begun returning for face-to-face teaching last week following the national lockdown.
The attack also caused some of the schools to have problems with their phone lines on Monday, with others forced to suspend Covid-19 testing.
A NCSC spokesperson said: “We are aware of this incident and are working with the Cambridge Meridian Academies Trust and law enforcement partners to fully understand its impact, though the Trust has confirmed that the immediate disruption to students and staff has been mitigated.
“The NCSC works closely with the education sector and we have published practical resources to help schools improve their cyber security and response to cyber incidents.”
Ransomware attacks can leave a computer locked up, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network, such as the Wannacry malware that hit the NHS in May 2017.
Usually victims are asked to contact the attacker via an anonymous email address or follow instructions on an anonymous web page, to make a payment. The payment is invariably demanded in a cryptocurrency such as Bitcoin.
The attack is the latest in an increased number of ransomware attempts affecting schools, colleges and universities. The increase prompted the NCSC to release an alert in September last year to those responsible for IT and data protection at education establishments.
It warned the hackers could target the victim’s network in a number of ways, including via remote desktop sessions, unpatched or unsecure devices and through phishing emails.
A ‘Future Workspaces’ report –released on Tuesday, March 16, by lawyers at Harrison Clark Rickerbys in Cambridge – found the first lockdown saw a steep rise in cyber-attacks, from 137 to 9,116 incidents from January to March last year.
This has escalated over the past year, with Barracuda Networks reporting a 600 per cent increase in phishing emails at one point.