The National Cyber Security Centre (NCSC) has warned of a recent increase in ransomware attacks targeting schools, colleges and universities in the UK as the cyberthreats posed to the education sector continue to be laid bare. The alert follows previous NCSC notices of surges in ransomware attacks on UK education during August/September 2020 and February 2021.
In a posting on its website, the NCSC stated that it is investigating another increase in ransomware attacks against schools, colleges and universities in May and early June. Attack vectors highlighted include the targeting of networks through phishing emails, VPNs and Remote Desktop Protocol (RDP) endpoints, weak passwords or lack of multifactor authentication (MFA), and exploitation of unpatched bugs or systems like Microsoft Exchange Server. What’s more, attackers are increasingly using tools such as Mimikatz, PsExec, and Cobalt Strike to enable lateral movement and privilege escalation once they’ve infected a network, the NCSC added.
Cyberthreats faced by the UK education sector
The threats posed by ransomware and other cyberattacks to organisations of all types are stark, but they take on specific significance for those in the UK education industry. “Schools, colleges, and universities tend to have comparatively low cybersecurity budgets, a broad range of open technology needs, quite a bit of remote access and users that range from wannabe hackers to people who tape their passwords to the back of their smartphones,” cybersecurity advisor, thought leader, and author Raef Meeuwisse tells CSO. “These factors also make it harder for the security functions inside such institutes to implement effective countermeasures against ransomware and other forms of cyberattack.”
In recent incidents affecting the education sector, ransomware has led to the loss of student coursework and school financial records, as well as data relating to COVID-19 testing, the NCSC wrote in its blog.