Education sector needs to wise up to more cyberattacks

With over 1,800 cyberattacks a week Check Point urges UK education sector to do more

Deryck Mitchelson, field chief information security officer (CISO) at Check Point Software Technologies, is warning the UK’s education sector that it is currently facing around 1,800 weekly cyberattacks and urges schools and colleges to increase cybersecurity efforts.

Recently, ransomware group, Vice Society*, attacked multiple schools in the US and UK, including Test Valley, Buntington First School and Harpenden Academy. The ransomware attacks resulted in confidential data being posted on the dark web, putting over 4,500 students at risk.

This focus on the education sector is not new, with Check Point’s 2022 Mid-Year Report, reporting a 44% increase in cyberattacks against this industry worldwide, when compared to 2021.

‘Our research team’s monthly threat index has found education to be the most impacted sector for the whole of 2022.’_ Deryck Mitchelson, Check Point

This year there have been high profile attacks on the Los Angeles Unified School District as well as the Chicago public school system, that exposed four years’ worth of records of nearly 500,000 students and just under 60,000 employees.

And before the recent spate of attacks by Vice Society in the UK, British school De Montford also fell victim to a ransomware attack earlier this year.

Part of the appeal is the sheer number of personal details. In most companies you tend to only have employees whereas academic institutions don’t just have employees like teachers and lecturers, they also have students. With so many more people, this makes networks in the sector much bigger, more open, and more difficult to protect. Plus, that also means there is so much personally identifiable information (PII) that can be used for financial gain.

‘…there is so much personally identifiable information (PII) that can be used for financial gain’ _ Deryck Mitchelson

Mitchelson commented: “Academic institutions are currently sitting ducks. Our research team’s monthly threat index has found education to be the most impacted sector for the whole of 2022. It’s clear that cybercriminals are finding these attacks fruitful, and schools and colleges should be preparing for the rate of these attacks to increase even further.

“Students are not employees, they use their own devices, work from shared flats, and connect to free wi-fi without necessarily thinking about the security risks. This combination of a lack of understanding and ignorance has contributed to the perfect storm, giving hackers free run.

“While Vice Society is clearly on a mission to target more and more schools, it’s critical that action is taken now to prevent it from happening. A ransomware attack should not just be seen as an inconvenience, it could potentially result in a school being closed down, as was the case with Lincoln College that we saw earlier this year.”

“There are technologies than can allow universities, colleges, and schools to be more secure without disrupting student education. By choosing to adopt a prevent-first approach and by integrating best practices such as network segmentation, multi-factor authentication and endpoint security, academic institutions can begin to fight back against malicious cybercriminals.”*


*Vice Society is an intrusion exfiltration, and extortion hacking group that first appeared in summer 2021. Vice Society actors do not use a ransomware variant of unique origin. Instead, the actors have deployed versions of Hello Kitty/Five Hands and Zeppelin ransomware but may deploy other variants in the future.

You might also be interested in: 60% of indepedendent schools faced cyberattacks in last five years

Leave a Reply

Send an Invite...

Would you like to share this event with your friends and colleagues?

Would you like to share this report with your friends and colleagues?

You may enter up to three email addresses below to share this report