UK cybersecurity experts have warned of a fresh wave of ransomware attacks being unleashed on colleges and universities.

Reports indicate a spike in cybercriminals employing ransomware attacks against educational institutions, leading security specialists to urge colleges and universities across the country to fortify their systems and networks and protect the data they use and retain.

A rise in ransomware attacks

The recent warning issued by the National Cyber Security Centre (NCSC) here in the UK arrives after an increase in hacker activity where universities have been selected as victims for ransomware attacks. In some of the incidents recorded in August, threat operators have backed up ransom demands for bitcoin with threats of data leaks if payment is not forthcoming. The data stolen in these raids included students’ personally identifiable information (PII) stored by the institutions involved.

The NCSC commented that it has dealt with multiple attacks employing ransomware against educational institutions that resulted in different levels of damage, depending on what protective measures the universities had put in place prior to being hit.

Universities and colleges are already being presented with a raft of logistic challenges due to the continuing COVID-19 outbreak. Now, as they prepare for the upcoming academic year, the NCSC is urging these institutions to protect their data with security infrastructure that can defend against the risk of a ransomware attack.

Directors of ops for the NCSC, Paul Chichester commented:

“This criminal targeting of the education sector, particularly at such a challenging time, is utterly reprehensible. While these have been isolated incidents, I would strongly urge all academic institutions to take heed of our alert and put in place the steps we suggest, to help ensure young people are able to return to education undisrupted. We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats and will not hesitate to act when that threat evolves.”

A range of tried and tested approach vectors

The ransomware groups targeting the country’s education sector are employing a combination of well-known strategies to deploy their malicious software, including phishing emails via spoofed addresses, Remote Desktop Protocols, and exploting hardware and software that has not been updated efficiently. Without the most recent updates, both devices and application can potentially be rendered vulnerable as they may miss out on important security patches.

Cybersecurity specialists are advising universities to mitigate the threats of ransomware assaults by adopting a range of protective tactics. These include efficient managing of patching identified vulnerabilities, securing all Remote Desktop Protocol services with additional multifactor authorisation and authentication and the installation of up-to-date anti-virus protection. They are also urging institutions to make certain both students and faculty members are fully aware are fully aware of how much damage phishing emails can cause.

The NCSC also recommends colleges keep up-to-date backups offline, ensuring they can restore data if attacked, without needing to pay ransoms to hacker groups to recover stolen files. Furthermore, universities are also advised to tests their responses to a ransomware attack in preparation for a potential incident.