Reports have come in of a school in England being forced to close in the first week of term due to a cyber attack. The south London school was closed for three days due to a ransomware attack, leaving approximately 1,300 students in the lurch. And it’s not an isolated case.

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. Attacks on the education and childcare sector in the United Kingdom have reached record levels in recent years, with 126 incidents reported to the Information Commissioner’s Office in 2023 — more than in any year prior.

A further 27 attacks were also reported to the ICO in just the first quarter of 2024, more than double the number of incidents that were reported in the same quarter in the previous year.

Multiple schools, including Wymondham College, the largest state boarding school in the country, and Tanbridge House School in West Sussex, were hit by cyber extortionists who threatened to release stolen data unless a ransom fee was paid.

According to official statistics from the Government's Cyber Security Breaches Survey 2024, where 356 schools were surveyed, 52% of primary schools and 71% of secondary schools reported having a security breach in the last 12 months. The top three types of breaches or attacks reported were:

92% of primary schools and 89% of secondary schools reported phishing - where an email is sent that attempts to trick someone into providing information.

29% of primary schools and 58% of secondary schools reported impersonation in emails – this is where staff receive an email that looks like it has come from the school, usually asking the recipient to provide information, open a file or click on a link.

14% of primary schools and 21% of secondary schools reported viruses, spyware or malware – this could be when a person has opened a file or clicked on a link that contains malicious software that compromises the device, potentially giving access to an attacker.

These statistics highlight why it is so important to train all staff going into schools on Cyber Security.

Make sure all your candidates do the CandidateGo Cyber Security for School Staff course which helps to highlight the risks, spot the main threats, talks about what to do in the event of a cyber security attack and what actions to take to protect staff and schools.