top of page

Further ransomware attacks on the UK education sector

Earlier this month, an alert warning of further ransomware attacks on the UK’s education sector was issued by the NCSC after a notable rise in cases, and since then two schools in Tunbridge Wells have also been hacked.

The NCSC previously reported increases in ransomware attacks on the UK education sector in September 2020 and in March this year, and has updated this alert in line with the latest activity.

Ransomware is a type of malware which can make data or systems unusable until the victim makes a payment, which can have a significant impact in an education environment.

More recently, there has been a trend for cyber criminals to also threaten to release sensitive data stolen from the network during the attack, if the ransom is not paid. There are many high-profile cases where the cyber criminals have followed through with their threats by releasing sensitive data to the public, often via “name and shame” websites on the darknet.

Alongside acting on the mitigation advice contained within the alert, the NCSC strongly emphasises the need for organisations in the sector to protect their networks from attack.

The NCSC has produced a number of practical resources to help educational institutions improve their cyber security, and they are encouraged to take advantage of their Exercise in a Box tool which helps organisations test and practice their response to a cyber attack in a safe environment.

Organisations in the sector are also advised to sign up to the NCSC’s free Early Warning service, which is designed to inform organisations of potential cyber attacks on their network as soon as possible.

At the East Midlands Cyber Resilience Centre, we also want to encourage school staff, managers and board members to sign up for our free core membership which shares the latest guidance, news and security updates that have been tailored for schools, colleges, businesses and charities who are based in the East Midlands region.

Our Business Premium+ Membership could also support schools for a 12-month period, this includes Cyber Security Policy and Procedures Templates, a Website Vulnerability Scan and Cyber Awareness Training which is tailored to each school/college and delivered to staff in-person or online.

Whilst 75% of primary and secondary schools have a cyber security policy, by signing up for a membership with the Cyber Resilience Centre we provide schools with cyber security policies & procedure templates. These policies will help schools understand the processes that should be in place to protect the school, its staff, its data and its assets.

Look out for more information on how schools can protect themselves against cyber criminality in the coming weeks.



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page