Best Practice Update

Cyber Attack on a School

The Misbourne School in Great Missenden had to partially shut down in January due to a cyber attack. The attack significantly affected its infrastructure and operations.
The school advised that the ransomware attack was of international origin. It encrypted and locked down their servers and network and left them unable to use the internet, affecting critical systems used in daily operations.

The school reported the breach to the ICO and the National Cyber Security Centre. Unusually, the school published a detailed update on its own website, which described the attack and what the school had done to try to determine whether staff, families' and students' data was affected. They also gave a dedicated email address to contact with any questions about the attack:

The Misbourne

The school also goes on to answer further questions and give further advice and support about the attack.

A cyber attack can be devastating to a school, not just in loss of data, but in the time and funds it takes to get back up and running.  In this instance, the school has done a fantastic job in the way it has communicated information to those individuals whose data it holds and we wish them well in their recovery.

We can provide help and support around cyber resilience and cyber security, which includes a Best Practice Area and Checklists.

Answer a sample Information/Cyber Security checklist question:

Have staff completed cyber security training?


Amazing, you have ticked off an important item on the Information and Cyber Security checklist.  Staff should have cyber security training annually if they have access to the network.  This should also include training and awareness about passwords, data breaches and information security.

For further help and guidance and access to the full checklist, please contact us.




As a controller, you are responsible for keeping any personal data that you have collected safe. Raising cyber security awareness is part of keeping personal data and systems safe. The DfE Digital Standards for School and Colleges advises that all staff who have access to the network should have annual training. This should include a designated governor. The NCSC provides free School Staff Training. Further free training is highlighted in this article: Free Cyber Training for Staff

Harry the Hacker loves to take data that isn't protected!

 

Please contact us for more help and advice about data protection compliance and cyber security standards, including the full checklist and best practice.

 


Try asking the data protection lead in your organisation, or SLT digital lead or contact your DPO:

We can provide help and guidance with data protection compliance, cyber security standards and records management, including the full checklist and best practice.


What to do in the event of a Cyber Attack 

Tell someone!  Report to IT. Report to SLT.

Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off. Isolate the infected device and pass it to IT.

If you are a victim of a ransomware attack, we would recommend reporting this to Action Fraud (https://www.actionfraud.police.uk/) as well as your data protection officer, so they can advise about the data loss. Alternatively, contact your local police or phone 101, and ask for the cyber crime team.

Most cyber crimes like these will also need to be reported to the ICO by your data protection officer. Our customers should email us.

These incidents should also be reported to the DfE sector cyber team.

Academy trusts have to report these attacks to ESFA.

Where the incident causes long term school closure, the closure of more than 1 school or serious financial damage, you should also inform the National Cyber Security Centre.

Always ensure there are backups you can restore from.  Preserving evidence is as important as recovering from the crime.

Forward suspicious emails to [email address]. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

Little Guide to ACTION FRAUD

