A ransomware attack on the Harris Federation, a London-based multi-academy trust has left 37,000 pupils without email access.

A ransomware attack is when cybercriminals encrypt data or systems, preventing access to them, usually followed by a ransom demand in exchange for access.

The trust did not explicitly say what data had been affected but said that is working with “a specialised firm of cyber-technology consultants”, the National Crime Agency and the National Cyber Security Centre (NCSC) to tackle the problem.

The news comes just a week after the NCSC issued a statement warning the education sector of the danger posed by targeted ransomware attacks.

The NCSC said that it had seen a spike in ransomware attacks in late February 2021, as well as in August and September 2020.

The government organisation highlighted factors which could increase vulnerability in its alert which included: remote access, VPN usage, phishing, and unpatched or unsecure devices.

The strain of infection is unknown but unconfirmed sources told cybersecurity website Bleeping Computer that the REvil ransomware gang could be responsible.

The news comes after REvil struck computer hardware manufacturer Acer earlier this month and demanded the largest ransomware demand on record, $50 million.

The Harris academies will remain open until the end of the current term on Wednesday, March 31.
“We know that some families will have important individual concerns around data and that in these cases you will want to know more about the nature of the attack,” said a statement on the Harris Federations’ website. “Because we do not want to risk providing incorrect information, we will communicate further once we have clarity and liaise as appropriate with the Information Commissioner’s Office.”

Share Story: