MalwareSecurity

UK School Forced to Close Following Cyber-Attack

A UK School has been forced to close following a significant cyber-attack, leading to a critical incident being declared.

The Billericay School, based in Essex, informed parents in a letter that its site is closed to all students on Monday, June 3.

Headteacher Mr P. Berry said the attack has resulted in all the school’s IT system being compromised and inaccessible by a complex encryption.

“Whilst our IT support staff are working hard to resolve the issue and have already made significant progress in restoring the required systems, the situation as it stands is significantly affecting our ability to operate the school safely and effectively,” he explained.

The incident occurred despite industry standard firewalls, firmware and malware security being in place, Mr Berry added.

The June 3 closure will allow teaching staff time to make alternative preparations for teaching classes without access to resources stored on the school system.

For students in Years 11, 12 and 13, all public examinations and revision classes will proceed as normal. All other timetabled classes are due to resume as normal on Tuesday June 4.

Students in Years 7-9 have been told to use remote learning platforms in the meantime.

Students eligible for free school meal will be able to collect a packed lunch from the main school reception between 11.30am and 1.30pm on June 3.

Mr Berry wrote: “Whilst I appreciate the additional strain this will place upon families, we must be sure that the school can operate safely and effectively in wake of this significant critical incident. I will write to you again next week to share with you an update on this incident.”

Schools, a Frequent Ransomware Target

The Billericay School has not given any further details on the nature of the attack, or whether any data was stolen. However, the letter suggests the incident was ransomware-related, with the institutions IT systems rendered inaccessible by a complex encryption.

Multiple UK schools have suffered data breaches arising from ransomware attacks in recent years, with hackers releasing stolen data online when their payment demands are not met.

In January 2023, confidential data including special educational needs (SEN) information, pupil passport scans, staff pay scales and contract details from 14 schools were leaked online by the threat actor Vice Society.

A series of UK schools revealed they had fallen victim to ransomware attacks in September 2023, as the new school term was about to begin. In some cases, this led to a delay in the term starting.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button