The National Cyber Security Centre (NCSC) and the London Grid for Learning (LGfL) recently undertook a cybersecurity audit of more than 430 UK schools. Alarmingly, this revealed that four out of five schools have suffered a cybersecurity incident and one in five has reported unauthorised access to their computers, networks or servers by pupils.
The majority of the schools involved, 69%, had been targeted by a phishing attack and 35% had experienced periods with no access to important information. Just under a third, 30%, said they had suffered a malware infection, including viruses or ransomware. Additionally, 20% said they had been victims of spoofing attacks, with school emails being impersonated by others.
Unauthorised pupil use of computers, networks or servers was reported by 21%, and 11% said they had experienced unauthorised staff ICT use. Only 4% said there had been unauthorised external use and even fewer, 3%, admitted leaks of confidential information from online systems.
The audit also found that only 44% of schools included core IT services in their risk register, while fewer than half (49%) were confident that they would be adequately prepared in the event of future cyber-attacks.
Although 97% of schools involved in the NCSC and LGfL audit said losing access to network-connected IT services would cause considerable disruption, only one third of schools give cyber security training to non-ICT staff. Responses to follow-up questions showed that over 90% of schools would welcome more cyber security awareness training for staff, suggesting there are vital opportunities for public sector ICT leaders to work with schools in their communities to help create safer, more robust centres of learning.
The findings also highlight the valuable role Socitm members might fulfil in working with schools and colleges to educate children and young people about the importance of safe ICT usage while also promoting the value and appeal of careers in the sector.
On a more encouraging note, more than 95% of schools had firewalls, antivirus and data backups, and kept software patches up to date. As many as 85% had a cyber security plan but only 41% had a business continuity plan. The audit also found there was relatively low use of strong cybersecurity practices, such as mobile-device management and two-factor authentication.
Mark Bentley, safeguarding and cybersecurity manager at LGfL, said: “Budgets are tight, the curriculum is squeezed, and school is all about keeping children safe and providing the best-possible education.
“You won’t often hear schools talking about their cybersecurity preparedness. Whilst it was hospitals rather than schools which suffered major disruption from the WannaCry virus, schools are just as likely as any organisation to face DDoS and phishing attacks”.