National Cyber Security Centre
Schools offered free cyber defence tools to help keep out attackers
UK education settings can sign up for the NCSC's Web Check and Mail Check services to protect their websites and email servers from cyber attacks.
- Schools urged to sign up for free online tools to help boost email and website security
- GCHQ’s National Cyber Security Centre expands eligibility for Mail Check and Web Check services to cover more education settings
- Case studies show benefits of the tools, with one user reducing email spoofing by 99% in just two weeks
SCHOOLS can now benefit from free cyber defence tools from the nation’s leading experts to help them protect their emails and websites from online attackers.
The tools, from the National Cyber Security Centre (NCSC) – a part of GCHQ, have been rolled out to help schools defend against the continuing threat from cyber criminals whose activities can put sensitive data at risk and affect institutions’ reputation and ability to operate.
It is the latest example of the NCSC supporting the education sector as settings rely more on technology, with hundreds of universities already benefiting from the services which form part of the NCSC’s Active Cyber Defence programme.
Successes include one university reporting a 99% decline in the number of malicious spoof emails sent out using their domain in just two weeks after signing up for Mail Check, and thousands of urgent web issues being fixed after education institutions were alerted by Web Check.
Sarah Lyons, NCSC Deputy Director for Economy and Society Resilience, said:
“Technology plays a central role to the way schools operate, so it’s vital they have the right controls in place to identify security issues and fix them promptly.
“By signing up to our pioneering Mail Check and Web Check services, schools can help to defend their email servers and websites from common cyber threats with a few actionable steps.
“We strongly encourage schools to use these free tools to help make the most of modern technology in as safe a way as possible.”
The Active Cyber Defence programme helps prevent millions of cyber attacks from causing harm in the UK.
The Web Check service scans websites to check for common, significant vulnerabilities and sends a report to organisations flagging any issues according to severity alongside advice on how to fix the problems.
And Mail Check is designed to help technical teams assess and improve two areas of email security: anti-spoofing controls to prevent attackers sending emails pretending to be from your organisation, and email privacy measures to prevent data being altered or read in transit.
Schools Minister Robin Walker said:
“Schools have embraced technology to support the invaluable face-to-face learning provided by teachers, but this has reinforced the need to ensure that their online systems are secure.
“The Web Check and Mail Check tools that are being offered will help protect schools from the threat of cyber-attacks, which have the potential to have a significant impact on school networks, and as a result, pupils’ learning.”
Hundreds of further education colleges and universities have already benefited from the services, with more than 75% of eligible universities having signed up for Web Check and more than 80% registering for Mail Check.
A recent Web Check scan of 10,800 college and university domains showed the service had alerted users to more than 2,700 urgent findings. Having been notified and prompted with NCSC mitigation advice, users have so far managed to fix more than 92% of these findings.
And in one case, thanks to Mail Check monitoring, one university was able to spot 36,642 malicious emails being sent out from their domain within the space of just two weeks.
The service helped the university implement the right DMARC controls and in the two weeks after implementing the policy, there were just five malicious emails identified and successfully quarantined – a reduction in spoofing of 99%.
Latest News from
National Cyber Security Centre
NCSC urges organisations to prepare for the long haul on Russia-Ukraine05/07/2022 15:20:00
Guidance issued advises how organisations can avoid staff burnout during an extended period of heightened cyber threat.
Commercial cyber capabilities must be used legally and responsibly, says UK NCSC CEO29/06/2022 16:20:00
Lindy Cameron's speech at Tel Aviv Cyber Week emphasised the importance of partnerships and international regulation of sophisticated cyber capabilities.
UK joins international cyber agency partners to release supply chain guidance12/05/2022 14:20:00
Joint advisory sets out practical steps to take for managed service providers and their customers to protect themselves.
NCSC joins industry to offer unprecedented protection for public from scams12/05/2022 13:20:00
Data sharing collaboration will allow ISPs to instantly block access to fraudulent sites.
Organisations offered streamlined guidance to help them move to the cloud12/05/2022 11:15:00
Cloud security guidance refreshed to support small businesses to large organisations moving to cloud-based services.
Chancellor of the Duchy of Lancaster speech at Cyber UK11/05/2022 16:12:00
Steve Barclay today gave a speech at the Cyber UK conference in Wales.
Russia behind cyber attack with Europe-wide impact an hour before Ukraine invasion11/05/2022 15:43:00
New UK and US intelligence suggests Russia was behind an operation targeting commercial communications company Viasat in Ukraine.
New email security tool launched to help organisations check their defences11/05/2022 10:33:00
A free email security check service helps organisations identify vulnerabilities.