Isle of Wight schools hit by ransomware

Six schools and the Isle of Wight of Education Federation have had data encrypted in an attack that could delay the start of the new term

Six schools on the Isle of Wight have been hit by a ransomware attack that resulted in the encryption of data and may delay the start of the new term.

The attack, which encrypted data, hit the schools and their umbrella organisation the Isle of Wight of Education Federation between July 28th and 29th, according to the Federation. All the schools' websites have been offline since Friday.

The schools affected were Carisbrooke College, Island 6th Form, Medina College, Barton Primary, Hunnyhill Primary and Lanesend Primary. Lanesend Primary announced that the start of the new in September may be delayed by several days.

"As you can imagine, the team now have hours, days, and months of work ahead of them to recreate the information that has been lost. In order to assist with this painstaking process, the Trustees have approved the school to close for 3 extra days at the end of the summer holidays. This means the children will not be returning to school until Monday 6th September 2021. We ask that you are patient with the team during this period," a spokesperson for the school said.

The Isle of Wight Education Federation said it is liaising with the authorities to pursue the cyber criminals and understand the full impact of the attack.

"We are working with the local Police and Authority, Department for Education, Cyber support and various ICT system providers to move this forward and ensure that necessary and appropriate systems are in place for the new academic year," a spokesperson said.

Schools, universities and other public service and public sector organisations have become popular targets for ransomware gangs. Five schools on Anglesey had their systems taken down in June, and Newcastle University was one of a number of higher education establishments badly affected by ransomware last year. Meanwhile, the Irish health service is still recovering from a large scale ransomware incident in May which saw patients' details published on the dark web.

Commenting on the latest incident, Oz Alashe, CEO and founder of security platform CybSafe, said: "Malicious actors see educational institutions as a soft target, who will be more willing to pay a ransom given the vital nature of their work and the disruption that can be caused to pupils' education."

He continued: "Addressing human security behaviours remains the most effective measure organisations can take to mitigate this kind of risk. For both pupils and staff, increasing awareness of ransomware attacks and providing the means to identify and flag such attacks will help prevent these kinds of breaches, and ensure schools can avoid disruption at this critical time."