A UK secondary school has confirmed it was hit by a cyber-incident affecting its IT network.
Hardenhuish School in Chippenham, Wiltshire, confirmed the attack on Thursday, saying hackers gained access to network infrastructure and then demanded a ransom for restoring access.
At the time of writing, it is unclear whether the school paid the ransom, but the school said its pupils’ learning was their absolute focus, so they were doing their best to restore access to the affected systems.
“We have worked with staff to swiftly implement contingency plans to ensure minimal disruption while we get our systems back up and running,” reads the statement. “It is our priority to return to normal service as soon as possible.”
Read more on UK school cyber-attacks here: UK Schools Hit by Mass Leak of Confidential Data
According to Rob Bolton, VP of EMEA at Versa Networks, the attack highlights the vulnerability of the education sector to cyber threats.
“Schools can be a prime target for cybercriminals as they typically have limited IT resources compared to other verticals, often making them an easier target,” the executive said.
“Whilst in this case, disruption was minimal, ransomware attacks on the education sector can result in school closures, ultimately affecting the education of children. It can also affect businesses in other sectors, with parents being forced to stay home to look after their children.”
Despite these disruptions, however, Bolton highlighted the importance for institutions to refrain from giving in to ransom demands, as paying the ransom does not guarantee the return of stolen data and only funds future attacks.
“To protect against cyber threats, schools must implement advanced security controls [...] to detect and resolve security issues quickly. Network segmentation is also a critical security control that limits malware movement and minimizes the impact of breaches,” Bolton said.
“By prioritizing cybersecurity measures and investing in the necessary resources, schools can reduce the risk of falling victim to a cyber-attack and ensure a safe and secure learning environment for their students.”
The Hardenhuish school attack comes a few months after an audit by the National Cyber Security Centre (NCSC) showed that three-quarters (78%) of UK schools had experienced at least one type of cyber-incident.