Sergey Nivens - stock.adobe.com
The council said all the affected systems – which includes email accounts – have been “temporarily disabled” to contain the incident, which has affected Ysgol Syr Thomas Jones, Amlwch; Ysgol Uwchradd Bodedern; Ysgol Gyfun Llangefni; Ysgol David Hughes, Menai Bridge, and Ysgol Uwchradd Caergybi.
It said it was possible that some personal data held on the schools’ systems could have been compromised as part of the attack
“We discovered the cyber attack [on Wednesday 23 June] and moved quickly to bring in a team of specialised cyber technology consultants to investigate. The National Cyber Security Centre [NCSC] will also be providing us with support to resolve matters,” said Anglesey Council chief executive Annwen Morgan.
“There is likely to be some disruption at the schools over the coming weeks as systems may need to be restored and others remain offline,” said Morgan.
“We are working closely with other partners to support our secondary schools. Although we are not currently able to confirm that there has been a data breach, the Information Commissioner’s Office has also been made aware of the incident,” she added.
At present there is no indication of whether or not the shutdown is the result of a ransomware attack, and Anglesey Council has declined to comment further, but multiple schools, colleges and other academic institutions around the UK have been subject to a surge in such attacks against their systems in recent months.
As of late May/early June, the NCSC was investigating a number of ransomware attacks on the UK education sector, and as a result issued refreshed guidance for institutions, which are also strongly encouraged to sign up for its recently-launched Early Warning service.
Oz Alashe, CEO and founder at behavioural security platform CybSafe, said: “Unfortunately, these types of cyber attacks on schools are becoming all too common, especially over the past year. Such attacks can affect students’ coursework, lead to financial records being leaked, and – more recently – affect data relating to Covid-19 testing. The fallout from such incidents leads to pupils’ education being significantly disrupted, as one breach can lead to a network of schools being affected, as is the case in Anglesey.
“This attack serves as a stark reminder of the increasing threat malicious actors pose on the education sector, and the importance of ensuring pupils and teachers have the knowledge needed to protect themselves and their institutions.
“Phishing attacks will often play on the natural curiosity of pupils, who may not be aware of the threat of clicking on a suspicious link or responding to an unusual message. It’s essential pupils are educated and aware of potential cyber threats, and have the tools and structure needed to prevent their data from being compromised,” he added.