Cyberattack shuts down the systems of dozens of schools; online learning systems collapsed

Online learning systems from at least 15 schools in the UK were compromised by a cyberattack, allegedly ransomware. These schools reside in Nottinghamshire and belong to the Nova Education Trust cooperative organization.

As you may remember, a ransomware attack consists of using a malware variant capable of encrypting the affected system or files, allowing attackers to demand a ransom in exchange for restoring compromised access.

This Wednesday morning, schools revealed the incident through their social media, reporting that their IT systems would remain temporarily shut down. According to the report, an unidentified threat actor managed to access its IT infrastructure, forging the closure of all its operations over the phone and the Internet.

Because pandemic isolation measures remain in place in the UK, students in the UK will remain at home until at least 8 March, so this incident certainly affects a considerable number of students. Some teachers have even resorted to using text messages so as not to delay in their lessons.

It’s been a couple of days since the incident and school systems are still down, although IT teams at these schools are still working to restore functions. While it is not yet known who is responsible for this incident, this is a sign of the various ways in which computer systems can be affected by all kinds of cyberattacks.

In a later statement, the cooperative mentioned that the incident has already been reported to the Information Commissioner’s Office (ICO) and the Department of Education. This attack will also be investigated by the National Cybersecurity Center (NCSC). As a security measure, Nova Education Trust recommended that teachers and operational staff ignore any suspicious-looking messages allegedly related to this incident.

In case it is confirmed that it is a ransomware infection, the organization should define whether it will pay the ransom. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.