UK’s largest state boarding school announces ‘sophisticated cyberattack’
Wymondham College, the largest state boarding school in the United Kingdom, announced on Tuesday that it had been hit by a “sophisticated cyberattack”.
The school, which has just over 1,200 students aged 11 to 18, did not explain the nature of the attack.
Wymondham is the latest educational establishment in the country to face disruption as a result of a cyber incident and follows repeated warnings from British cyber authorities about an increase in ransomware attacks against schools.
In an email to The Record, Jonathan Taylor, the chief executive of the institution’s parent company, Sapientia Education Trust, said: “We are not aware of any data breach. A number of the College’s systems have been impacted, including access to some files and resources.”
Taylor added that the school “remains open as usual and our priority is to ensure continuity of educational provision. We anticipate some on-going disruption over the next couple of weeks, whilst we work to remedy the issues.”
Wymondham is working with the National Cyber Security Centre (NCSC) “to ensure an appropriate response,” and has notified the Department for Education, said Taylor.
He added that the school hadn’t received a ransom demand yet, although he wouldn’t be surprised if it developed that way. It was his understanding that a number of other schools in the U.K. had been affected in the last week.
The NCSC first issued an alert to British schools about ransomware attacks in September 2020 warning of “an increased number of ransomware attacks affecting education establishments in the U.K., including schools, colleges, and universities.”
The alert page states that it has been updated several times since then due to further ransomware attacks.
The NCSC continued to reference an increase in attacks as recently as last month when it published a survey finding that “despite an increase in the number of ransomware attacks” schools were becoming “better prepared” to deal with these incidents.
This preparation includes protecting IT networks but also focusing on a quick recovery from the incident itself.
The cybercrime group known as Vice Society has been behind a spate of ransomware attacks targeting educational establishments in Britain and around the world. The criminals extort their victims by stealing sensitive data and threatening to release it unless a ransom is paid.
Last year the Hive ransomware group demanded £500,000 (about $608,000) from two schools in England following an attack.
Back in February the BBC reported that highly confidential data stolen from 14 schools in the U.K. had recently been published by the group. In several situations the schools did not inform students and staff that their data had been published on the leak site.
The scale of the threat posed by the financially motivated criminal hackers has caused significant concern for British officials, with a joint committee of lawmakers currently holding an inquiry into whether the U.K.’s national security strategy is effectively addressing the threats posed by ransomware.
As The Record reported last November, ransomware incidents in Britain were becoming so disruptive that the majority of the government’s “Cobra” crisis management meetings at the time were convened in response to them rather than other emergencies.
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.