Ransomware hits Blackpool schools

Schools forced to revert to non-IT processes

A major cyberattack has disrupted operations at multiple schools across Lancashire.

The ransomware attack, which occurred last week, targeted the Fylde Coast Academy Trust (FCAT), compromising its IT infrastructure and limiting access to school systems.

All 10 institutions under the FCAT umbrella have been affected. They include four major academies in Blackpool – Armfield Academy, Aspire Academy, Montgomery Academy and Unity Academy – as well as Mereside, Gateway, Westcliff and Westminster primary schools.

Garstang Community Academy and Hambleton Primary Academy are also dealing with the fallout.

The incident has disrupted daily operations, with schools unable to rely on computers, printers and other tech for routine tasks like maintaining registers and teaching from digital textbooks. As a result, schools have been forced to revert to traditional, non-IT-based processes for essential tasks.

Phone lines have also been impacted.

The Trust is working with the Department of Education and has brought in specialists from Cyber Clan, a Canadian firm that assists businesses in dealing with cyberattacks.

The attackers have reportedly demanded a significant ransom, warning that they will permanently block access to FCAT's systems if it isn't paid.

The Trust has not disclosed whether any sensitive data has been breached.

FCAT CEO Dean Logan confirmed the cyberattack and outlined the Trust's ongoing efforts to restore its systems.

"Unfortunately, Fylde Coast Academy Trust has been affected by threat actors' ransomware, this has infected the organisation's IT infrastructure and resulted in limited accessibility to IT systems," he said.

"Within hours of the attack, the Trust was in receipt of support from the government's risk protection arrangements and a cybersecurity team was engaged to support the trust recovery plan."

Telephone lines were among the first services to be restored, although with reduced capacity. FCAT has asked parents and carers to limit non-essential communication with the schools until the system is fully operational again.

Mr Logan praised the response from staff, students, and local communities.

"Leaders, teachers, support staff and pupils have responded very positively and with resilience," he said.

"The skills and knowledge learnt during the Covid 19 pandemic have provided reassurance and confidence in dealing with this challenge."

The Trust expects to begin restoring key services this week, but full recovery may take several weeks to ensure the ransomware is completely removed.

Dr Darren Williams, CEO and Founder of Blackfog, a cybersecurity firm, highlighted the increasing prevalence of such attacks in the education sector.

He said: "The term 'Back-to-school' is not only a source of anxiety for children returning from their summer break, but also for education officials who are facing more cybersecurity challenges than ever before. With yet another set of schools falling victim to ransomware, the weaknesses and shortcomings of the traditional cybersecurity tools that many organisations continue to rely on are becoming increasingly apparent. In this instance, all 10 schools in the Blackpool trust have been forced to revert to manual processes as a result of the attack."

"Unfortunately education continues to top the ransomware leaderboard, with August showing a 12% increase over the previous month.

"There is an urgent need for government to invest in more advanced cybersecurity technologies within this sector, to keep pace with the rapidly evolving tactics used by attackers and to protect sensitive student data."