School computers hacked

March 26 2021

DOWNEND and Mangotsfield schools are among 23 in South Gloucestershire which had their computer networks disabled by hackers.
The “targeted ransomware attack”, where malicious software is installed on a system to block access until a ransom is paid, took down IT systems at schools across the Castle School Education Trust and 16 other South Gloucestershire primary schools which use the same network.
Problems started on March 16 and school computers were still offline six days later.
A joint statement from CSET and South Gloucestershire Council said: “This was a highly sophisticated attack, which breached multiple layers of protection of the IT system shared by schools in Castle School Education Trust and partner primary schools in South Gloucestershire.
“CSET and South Gloucestershire Council are working together with external partners and agencies to investigate this attack and restore IT systems to the schools.
“A cautious and methodical approach is being taken to ensure that systems are restored safely and securely.
“Although some systems have already been restored, others remain offline, and there will be continued disruption over the coming days.
“This highly sophisticated ransomware attack has caused significant disruption to our schools, and we are grateful to our staff and pupils for their patience and understanding as we work together to restore IT systems.
“We would like to reassure the community that all of our schools remain safe and no pupils are at risk as a result of the ransomware attack, and we are working to ensure that their education continues with minimal disruption.”
Other schools within CSET affected by the attack included Lyde Green Primary School. The council has not revealed which of its schools were affected.
Children were advised not to log on to the schools' WiFi connections, while parents were advised to phone the school with an urgent enquiries and not to rely on email.
The attack has been reported to the police and the National Cyber Security Centre.
An NCSC spokesperson said: "We are aware of this incident and are working to fully understand its impact.
"The NCSC works closely with the education sector and we have published practical resources to help schools and colleges improve their cyber security and response to cyber incidents.”