Headteachers are being warned of an "increasing number of cyber attacks" affecting the education sector – which could cause "considerable damage" to schools through "lost data and access to critical services".
In an email sent to heads this afternoon, seen by Tes, the Department for Education said it is "vital" that senior leaders "urgently review" their cyber defences and take steps to protect their schools from attack.
"The Department for Education and the National Cyber Security Centre (NCSC) have been made aware of an increasing number of cyber attacks involving ransomware infection affecting the education sector recently," the email states.
Cyber crime: Schools warned over rising dark-web attack threat
Exclusive: Schools urged to act after Microsoft breach
"It is important that senior leaders in education settings understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services."
Schools at risk of cyber attacks
The DfE says schools should not pay ransoms in the event of an attack, as this has "no guarantee of restoring access or services and will likely result in repeat incidents to educational settings".
The email adds: "It is vital that you urgently review your existing defences and take the necessary steps to protect your networks from cyber-attacks.
"Along with your defences, having the ability to restore the systems and recover data from backups is vital."
It says that schools should ask their IT team or provider to confirm that:
- They are backing up the right data.
- The backups are held offline.
- They have tested that they can restore services and recover data from the backups.
If a school is the target of a cyber attack, the DfE says it should follow four key steps:
- Enact your incident management plan.
- Contact the NCSC.
- Contact your local law enforcement and Action Fraud.
- Inform the Department for Education by emailing: email@example.com