A ransomware attack has forced Charles Darwin School in South London to close for the first part of this week, affecting 1,300 students as the school works to address the cybercrime.
Flunking in cybersecurity
On Thursday, students were sent home due to what was initially described as an IT problem. However, a letter from headteacher Aston Smith on Friday revealed that the issue was far more serious—a ransomware attack. As a result, the school announced it would remain closed on Monday, Tuesday, and Wednesday.
The attack led to the removal of all staff devices for cleaning, leaving teachers unable to access essential materials. Teachers are now reworking their lesson plans, while school leaders are developing backup systems to keep the school operational.
In response to the attack, all students’ Microsoft 365 accounts were deactivated as a security measure. Parents were warned to be on the lookout for suspicious emails and were informed that sensitive school data may have been accessed by the attackers. The school has hired a cybersecurity firm to conduct a forensic investigation.
Malicious actors dig the classroom
This attack on Charles Darwin School is part of a larger pattern of increasing ransomware incidents targeting schools in the U.K. In 2023, 126 schools reported ransomware breaches to the Information Commissioner’s Office (ICO), a record number. The first quarter of 2024 alone saw 27 attacks reported—more than double the number from the same period in the previous year.
Cybercriminals like the Vice Society and Hive ransomware groups have been behind many of these attacks. They typically steal sensitive information and demand ransom in exchange for not releasing the data. Some schools have faced ransom demands as high as £500,000 ($608,000). In other cases, confidential information, including reports on vulnerable students, has been leaked online.
Show ‘em malicious actors the F
To keep cybercriminals at bay and protect your assets, the following measures help fend off prospective ransomware attacks:
Regular Data Backups: Frequent, secure backups to recover data without paying ransom.
Multi-Factor Authentication (MFA): Add extra layers of security to critical accounts.
Software Updates: Regularly apply security patches to all systems.
Network Segmentation: Separate networks to contain breaches.
Endpoint Security: Use advanced monitoring tools to detect threats on devices.
Cybersecurity Training: Educate staff and students to recognize and avoid threats.
Incident Response Plan: Have a plan in place to quickly respond to attacks.
Email Filters: Block phishing and malicious emails.
Access Controls: Limit access to sensitive data based on role.
Cybersecurity Audits: Regularly assess and improve system defenses.