top of page
  • Writer's pictureJared Thompson

Ransomware attacks on Schools & Colleges continue to rise

The summer months often see a rise in ransomware attacks against schools, colleges and universities in the UK as cybercriminals turn their attention to a sector that is focused on delivering exam results and preparing for the return of students for the new academic year.

In June 2021, the National Cyber Security Centre (NCSC) issued an alert to the sector to encourage organisations to protect their networks to prevent ransomware attacks.

Dealing with a ransomware attack can devastate organisations, with victims requiring significant recovery time to recover critical services. These attacks can also be high-profile, with wide public and media interest following the story.

Some recent incidents in the education sector involving ransomware have led to the loss of school financial records, student coursework and other data. It's vital that organisations have up-to-date and tested offline backups. Nurseries and Childminders are not safe from attacks either; they're also appealing targets for Cyber-Attackers

Ransomware Attacks on Schools on the Isle of Wight

Back in August 2021, the BBC reported that six schools were hit by a cyberattack that prevented their staff from accessing their computer systems. The Isle of Wight Education Federation saw its IT systems become compromised by the ransomware attack, which encrypted its data.

As a result of the attack, Lanesend Primary School saw its pupils start their new academic year three days later than planned. Local Police and Authority, the Department for Education, Cyber support and various ICT system providers came together to ensure that necessary and appropriate systems were in place for the new academic year.

Myerscough College came under attack by Ransomware

In 2021, Myerscough College contacted Cyber Resilience Centre after first contacting Lancashire Police to report the crime when they found themselves dealing with a targeted ransomware attack.

“Myerscough are thankful for the help of the Cyber Resilience Centre and SaaSAge who have worked with us to get our systems back online following this targeted ransomware attack. After dealing with this ransomware attack, we feel the college and our staff are now better educated and equipped with the tools to deal with any future cyber-attack.” - Ian Brown, Director of IT & MIS @ Myerscough College

The Cyber Resilience Centre helped to quickly connect Myerscough College with our former Cyber Essentials Partner SaaSAge, who has assisted the college in recovering data and getting systems back online following the ransomware attack.

Detective Superintendent Neil Jones, Director of the North West Cyber Resilience Center, commented, “Myerscough College is just one of several local education establishments which have been targeted in recent months. The Cyber Resilience Centre was happy to work with them and put them in touch with SaaSAge, who implemented their Business Continuity Team to work with the college to restore their systems and put measures in place for the college to be better prepared for any future similar attack."

"It should be noted that Myerscough College took the appropriate steps in reporting this crime to Lancashire Police. If your business faces a ransomware demand, do not pay the ransom funds and report the attack. ”

What should you do if you're attacked?

Your organisation should ensure you have an incident response plan, which includes a scenario for a ransomware attack; make sure you test this out throughout the year. But having an up-to-date and tested offline backup is the most effective way to recover from a ransomware attack

Police Forces in the North West and all law enforcement do not encourage, endorse, or condone the payment of ransomware demands. If you ignore this guidance and pay the ransom:

  • There is no guarantee that you will gain access to your data or device(s).

  • Your computer(s)/network could still be infected.

  • You will be paying a criminal group.

  • You're more likely to be targeted again in the future.

We encourage any victim to first report the incident to Action Fraud, then reach out to us here at the Cyber Resilience Centre, and we can help you take the next steps. We have the expertise and cyber essentials partners who can educate, help and guide you on the best path to defend your school, college or university against any further attacks.

Free Membership banner for organisations

We've launched a dedicated area of resources to support the education sector. Following our guidance (and guidance from the NCSC) will significantly increase your protection from the most common types of cybercrime.


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.


Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.


This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page