Ransomware attack hit 11 UK schools

Students were unable to submit coursework and printers were out of action in 11 schools in a Shropshire academy

A recent ransomware attack affected 11 schools in Shropshire, with pupils unable to submit coursework for weeks and with printers disabled at some sites.

As reported by the Shropshire Star, details of the cyberattack emerged during a meeting of West Mercia Police and Crime Panel, during which Shropshire councillor Benedict Jephcott questioned Police and Crime Commissioner (PCC) John Campion about protections against cybercrime.

The cyberattack affected 11 schools in an unnamed academy chain and was exacerbated by “enforced integration” of technology across the sites, according to the councillor. The timing of the attack is not known, although the councillor is reported as saying that some systems were down for “many, many weeks”.

The police’s cyber unit also handled cases involving AI-generated imagery at two schools and cryptocurrency-related matters, although the specific schools were not named.

Campion acknowledged a lack of public awareness of cybercrime and that the police force was acting to alert people on the matter through leaflets, radio interviews and digital materials that he said had reached more 2.5 million individuals. But he added that the public must do their part to defend themselves, in the same way that people lock their front doors to prevent burglary.

Schools are sometimes seen as a soft target by cybercriminals as the impact of an attack is immediate and defences are typically managed by a small number of staff.

This year has seen significant attacks on schools in West Lothian, Edinburgh and Chester , with an earlier ransomware attack on Fylde Coast Academy Trust in Blackpool continuing to disrupt operations into 2025.

Commenting on the Shropshire incident, Adam Boynton, senior security strategy manager EMEIA at software company Jamf, said there is a trend for attackers to target schools at critical times of the year, such as just before exams, to cause the maximum amount of disruption.

“ As schools adopt more devices, move services online, and spend more time connected, they become increasingly vulnerable. Pair this with limited IT resources and tight budgets, which hinder upgrades, schools become an irresistible target for cybercriminals.

“ The police and crime commissioner admitted there is not enough understanding of cyberattacks, and we’ve seen this be a big issue for schools. While teaching remains the top priority, secure devices and networks are now essential to delivering quality education.”