F-Secure offer comment on NCSC’s warning to education sector around cyberattacks
Following the NCSC’s warning around targeted ransomware attacks on the UK education sector, Calvin Gan, Senior Manager, Tactical Defense Unit at F-Secure comments:
“Having a regulatory body issuing an alert or something similar is telling enough that there is still work needed to improve the security posture within the education sector. If institutions are not following the advice, we will start seeing something similar to how the health sector was impacted last year.
We never thought that health data could help cyber criminals earn money, but that has happened. The same goes for the education sector. Data that may not seem valuable for monetary gain such as student data or proprietary course materials are now at risk of being held hostage for a ransom.
Institutions should now heed the call to improve security measures, start implementing better protection methods for any form of data, and start forming and testing response plans in case they are impacted by an attack.
Cyber criminals are now very quick and agile in adopting new attack techniques, so educational establishments should not be complacent just because they have followed the mitigation guidelines now. Instead, they should be actively reviewing, monitoring and updating these measures to continuously minimize the attack vector”.