InfoSec / Cyber

Cyber attacks in navy, harry the hacker looking at computer screens and phishing (fishing) a laptop

Cyber Attacks

The National Cyber Security Centre has today upgraded it's advice to schools relating to the prevalence of cybers attacks in the sector:

https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector

"The NCSC continues to respond to an increased number of ransomware attacks affecting education establishments in the UK, including schools, colleges, and universities.

This report details recent trends observed in ransomware attacks on the UK education sector. This encompasses trends observed during August and September 2020, as well as the more recent attacks since February 2021. It also provides mitigation advice to help protect this sector from attack.

This alert is designed to be read by those responsible for IT and Data Protection at education establishments within the UK. Where these services are outsourced, you should discuss this Alert with your IT providers.

It is also important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services

Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached."

 

DPE has a range of resources to help you with cyber attack prevention. Whilst, your IT department is key to success in this area in relation to technical security measures in place, we focus on the more human factors involved in cyber risk.

Firstly, we recommend that all users complete the NCSC's "Stay Safe Online" course, available on the Knowledge Bank. Additionally, we have a range of information security e-learning nuggets for increasing awareness.

Secondly, we recommend that schools review and consider working towards a Cyber Essentials Plus certification. The questionnaire is available on the Knowledge Bank. This covers the technical and human elements of cyber prevention. 

Thirdly, we are preparing a Cyber Security best practice area, with resources and links to other guidance. This will also incorporate our main tool for cybersecurity preparation - our Phishing Simulation tool. This will be available to school immediately after Easter and will allow you to test your organisational resilience to phishing attacks.

If you have any questions, concerns, or if you have been subject to a cyber-attack please contact us immediately.

 

 

Search