Ransomware attack on UK charity affects 37,000 students
The Harris Federation has disabled its email and telephone system as a result of the attack
Educational charity the Harris Federation has fallen victim to a "highly sophisticated" ransomware attack, leaving about 37,000 students unable to access their email.
In a message on its website, the nonprofit multi-academy trust - which runs 50 primary and secondary academies in and around London - said that it detected the attack on Saturday, 27th March, and its staff have 'worked through the weekend' to resolve it.
The incident affected the charity's systems and led to the encryption or hiding of their contents.
All devices the Federation has provided to pupils have been temporarily disabled 'as a precaution'. As a result, those devices cannot be currently used. In addition, Harris Federation has temporarily disabled its email system, as well as its telephone systems, which use the internet. Calls have been temporarily diverted to mobile phones.
The Federation is requesting parents and students temporarily avoid calling any Harris academy except in the event of emergencies, or to report an absence.
The cyber attack is expected to have a 'significant impact', the trust said. It added that fully resolving the issue and ascertaining exactly what had happened as a result of the breach would take some time .
The Federation is now working with cyber security experts, the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to investigate the incident.
'We are at least the fourth multi-academy trust to have been targeted in March,' the Federation's statement said.
The schools run by the foundation, however, remain open.
The incident is the latest in a series of cyber attacks on educational institutions in the UK in the past few months.
Last week, the University of Northampton said that it had suffered a cyber attack that disrupted its IT services and telephone systems. Also this month, South and City College in Birmingham disclosed a 'major ransomware attack', which affected many of its core IT systems.
Nearly 20 UK-based universities and charities suffered a global ransomware attack last May, which targeted US-based cloud computing provider Blackbaud.
The NCSC published an alert last week to warn education establishments of an increase in ransomware attacks since late February.
'While operational details cannot be disclosed, the NCSC has dealt with a significant increase in the number of attacks since late February, when establishments were preparing to welcome students back to the classroom,' the agency stated.
The NCSC's advisory included various practical steps for educational institutions as part of a 'defence in depth' strategy - from installing and enabling antivirus software to having up-to-date and tested offline back-ups.
"This is a growing threat and we strongly encourage schools, colleges, and universities to act on our guidance and help ensure their students can continue their education uninterrupted," said Paul Chichester, Director of Operations at the NCSC.
Steve Kennett, executive director of e-infrastructure at the UK's digital body for tertiary education, Jisc, said: "Jisc has been helping many colleges and universities recover from ransomware attacks recently, so we have seen what a devastating impact this crime has on the sector."
"I urge all education and research institutions to act swiftly to ensure their systems and data are robustly protected."
Earlier this month, the FBI said it had observed an increase in Pysa ransomware activity, targeting educational establishments in the UK and 12 US states.