Crown Commercial Service
Helping the education sector avoid cyber attacks
With the recent increase in cyber attacks within the education sector, here are some top tips to avoid this happening to your school, college or university.
Since late February 2021, the National Cyber Security Centre (NCSC) has identified an increase in cyber attacks within the education sector.
These attacks are predominantly ransomware attacks where cyber criminals use a malicious software to block access to computer systems and threaten to release the organisation’s sensitive data unless the ransom is paid.
Due to the nature and amount of sensitive information that schools, colleges and universities hold, these attacks can have devastating impacts on organisations.
How can my organisation be attacked?
Ransomware attackers can gain access to your computer systems in a number of ways:
- Distributed Denial of Service (DDoS) – this attack is to cause widespread damage and disruption to the network, having a massive impact on productivity: attacks against online educational resources are over three times more prevalent in 2020 than they were last year due to the lack of security protection when working from home
- spear phishing – this attack is managed via email or electronic communications, in an attempt to scam the individual and to lead them into a bogus website full of Malware, giving the hacker access to a wealth of information
Other areas of access include:
- vulnerable software or hardware
- remote access
- remote desktop protocol
- virtual private network (VPN) vulnerabilities
Why is it important to protect your data?
Data is valuable, and within the education system it is important that the safety of the students and all of the information that you store is not compromised. In the unfortunate event of an attack, data can be used in many ways:
- financial gain – hackers carrying out an attack on an education institution may do so for financial gain; data can be used as a bargaining tool to extort money. As universities and colleges are handling large amounts of money in student fees, they are a prime target for cyber criminals
- fraud – data is extremely valuable and can be used to steal someone’s identity or to gain access to their online accounts for malicious purposes
- espionage – universities are usually centres for research and hold intellectual property. This can be used for personal, economic, political or military advantage. This also poses a large threat to a large volume of personal data and the misuse of information
How can these attacks be prevented?
Managing risk isn’t just about having the right technology – people are an important part of risk management too. Raising awareness of cyber security within your organisation can play a vital role in countering cyber threats. Cyber awareness training will ensure that your staff understand the potential threats, the impact they have on the organisation, and the steps they need to take to prevent these threats infiltrating their workspace.
In the event of a cyber incident, having access to recent, tested offline backups will ensure that your organisation is able to recover quickly and to restore data.
This can be used to audit and test your IT systems, identifying potential vulnerabilities and recommending effective security countermeasures.
To mitigate malware and ransomware attacks please seek NCSC guidance.
Please report any incidents to the NCSC and seek expert advice.
How can CCS help?
We have a dedicated cyber security team that can assist with your requirements and help you protect against the increasing complexity of cyber attacks. The Cyber Security Services 3 dynamic purchasing system (DPS) is the only route to market for NCSC-assured services and covers a wide range of cyber services.
Don’t forget, you can find a full list of all the commercial agreements we offer, alongside details of how we can help you build policy considerations into your procurement, in our interactive digital brochure.
Latest News from
Crown Commercial Service
Rising to the challenge: CCS publishes its Annual Report and Accounts 2020/2116/07/2021 12:20:00
CCS's Annual Report and Accounts show how the organisation is helping the UK public sector to build back better.
Social value: how local government is leading the way15/07/2021 12:20:00
David Bemrose explains how Crown Commercial Service is working with local government and suppliers to build social value into public procurement.
Nottingham College appoints local SME to carry out a restoration project on their Grade II listed campus12/07/2021 09:25:00
The college received ‘excellent guidance and service’ when procuring construction works through CCS.
Transforming Glasgow into a world-class smart city09/07/2021 09:15:00
Glasgow City Council invests in a full fibre network giving the city cutting edge technological capability.
Breckland Council expect to make 30% efficiency savings by using chatbots08/07/2021 09:15:00
Find out how Breckland Council has used the CCS’s Artificial Intelligence Dynamic Purchasing System (DPS) to implement chatbots in their customer contact centre.
Hybrid mail and digital mailroom: helping you save on your mail02/07/2021 15:10:00
Switching to hybrid mail could easily save you up to 35% of your spend on mail activities. We help you find out how.
Cycle to work: help your employees saddle up and save02/07/2021 10:15:00
In this article, we discuss the benefits of cycle to work schemes and share our top tips on how to set up a successful scheme.
Keeping critical information safe with a new network infrastructure for Walsall Healthcare NHS Trust30/06/2021 12:20:00
Discover how our Technology Products and Services (TePAS) framework helped one NHS Trust upgrade their network infrastructure.
Why use National Cyber Security Centre assured services to tackle new cyber security challenges?28/06/2021 10:25:00
In this article, we discuss the benefits of using National Cyber Security Centre’s (NCSC) assured service providers to help you tackle the increased cyber security needs of home working.