In what is likely Vice Society’s handiwork, the UK’s largest state boarding school Wymondham College has announced it has become the victim of a “sophisticated cyberattack”. The school didn’t provide additional information, but Jonathan Taylor, chief of the school’s parent company Sapientia Education Trust, has revealed the school is yet to receive a ransom note.
In an email to The Record, Taylor said:
“We are not aware of any data breach. A number of the College’s systems have been impacted, including access to some files and resources.”
Taylor said the school remains open, saying the priority is “to ensure continuity of educational provision”. The Norwich Evening News reports disruption will likely continue until the Easter holidays as the attack targeted the College’s IT system.
Wymondham College is working with the National Cyber Security Centre (NCSC), the UK’s authority for cyber incidents, to ensure an appropriate response. Taylor says the Department of Education has also been notified.
The NCSC has warned the UK education sector about increasing targeted ransomware attacks toward schools, colleges, and universities. However, latest research from the London Grid for Learning (LGfL) reveals that only 53 percent of UK schools feel prepared for a cyberattack.
How to avoid ransomware
- Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; disable or harden remote access like RDP and VPNs; use endpoint security software that can detect exploits and malware used to deliver ransomware.
- Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
- Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
- Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
- Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.