Cyber threats to schools and colleges

Since the start of the Covid-19 crisis, many schools and colleges have been relying on video calls, extranets and remote access to servers more than they ever considered possible.  Getting used to new ways of working, and making rapid changes, has allowed cyber criminals to take advantage of the confusion.  In a rare public statement, the National Cyber Security Centre (NCSC) has issued a warning over the threat of Covid-19 related scams.  The government agency, which is part of GCHQ, noted that there has been a sharp rise in cyber attacks that take advantage of the panic and uncertainty caused by the pandemic.  Paul Chichester, the NCSC’s Director of Operations, said: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak.  Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.”

Earlier this year the Department for Digital, Culture, Media and Sport released the Cyber Security Breaches Survey 2020.  Whilst these annual surveys have been published since 2017, this was the first time they have included educational institutes.  The results were surprising and suggest that secondary schools and further and higher educational institutions are more likely to have identified cyber breaches or attacks against them than UK businesses in general.  This recent case study from CFC Underwriting demonstrates how a hacker managed to gain access to a school's system via the remote desktop protocol (RPD).  

The most common form of attacks against schools are:

  Primary Secondary Further and Higher
Fraudulent e-mails or being directed to fraudulent websites 91% 93% 93%
Others impersonating organisation in e-mails or online 23% 24% 79%
Viruses, spyware or malware 18% 29% 43%
Unauthorised use of computers, networks or servers by students 2% 31% 29%
Denial of service attacks 7% 18% 36%
Hacking or attempted hacking of online bank accounts 0% 7% 14%

With these levels of attack against schools and the increased vulnerability caused by Covid-19, cyber security needs to be a high priority for governors and senior leaders.  

The most common risk that cyber criminals pose is the attempt to lure home workers to click on malicious files or links.  This type of attacking, known as phishing, rose by an unprecedented 667% in the UK over the month of March.

The National Cyber Security Centre website has a wealth of information and guidance to help you consider the cyber risks that you face and how to manage them.  They also have some education specific resources that can be found here.

A 2019 school cyber security audit showed teachers and support staff did not feel very knowledgeable when it came to cyber security.  The survey highlighted an appetite for more staff training, and new resources to help bridge this knowledge gap.  See the useful links below for the report.


Cyber Security – The basics

All schools should have a cyber security policy. This should include:

  • Protecting your networks from attack, filtering out unauthorised access and malicious content and monitor and test security controls
  • User security policies covering acceptable and secure use of your systems. Including staff training and maintaining awareness of cyber risks
  • Establish and maintain anti-malware defences across your school networks
  • Controls for access to removable media. Limit media types and use. Scan all media for malware before importing onto the school system
  • Ensure automatic updates for security patches and ensure the secure configuration of all systems is maintained
  • Establish effective management processes and limit the number of privileged accounts. Limit user privileges and monitor user activity. Control access to activity and audit logs.
  • Establish an incident response and disaster recovery capability. Test your incident management plans. Procedures for reporting criminal incidents to law enforcement.
  • Establish a monitoring strategy and produce supporting policies. Continuously monitor all systems and networks, analysing logs for unusual activity that could indicate an attack
  • Develop a mobile working policy and train staff to adhere to it. Protect data both in transit and at rest

As part of overall cyber plans schools also need to consider other factors such as cyber safeguarding of children and educating and protecting children from cyber bullying.


Useful Links

National Cyber Security Centre & London Grid for Learning – Cyber Security Schools Audit 2019

Top of The Class LGfL Cyber Security Report

NCSC common cyber attacks

NCSC 10 Steps to Cyber Security

NCSC – Practical tips for everyone working in education

Ecclesiastical Cyber Security Guidance Notes


Register for our cyber security webinar

Cyber threats to schools and colleges

Thursday 11 June


Register now



If you would like any further advice or have any queries on the above, please get in touch with our education specialist, Mark Rose: 

07841 430 237 | [email protected] 






Posted by on

Tags: Covid-19 Education, Education

Categories: Homepage Featured, Schools and Colleges

Related Blogs

Add Your Comments