
During lockdown, Sir Roger Marwood's School was on the receiving end of a ransomware attack on the same day as Manchester United. The school was up and running again before the football club.
The school's IT Network Manager, Sharn Somerton-Davies, recalls the day. 'I was driving to work when I received a call from one of my technicians to say they couldn't log in. Our first step was to disconnect all our computers from the internet. Our second was to identify what had been infected. Only then could we think about how this could have happened. In this case, it was via a remote desktop application. The files had been encrypted, so school staff were locked out and couldn't open them.'
The threat from within
All too often, it is the actions of someone within an organisation that open the door to hackers. During their time online, a user might click on a link, check their emails or open a PDF. If a hacker has piggybacked into the network via that user's login, they can then introduce a virus or install a VPN (a virtual private network). Some settings focus on antivirus software as their main means of securing their network, but once an authorised user successfully logs on, a hacker riding on that login is through the wall.
Lesson 1: Think before you click
Train all staff – including admin, catering and temporary employees – to be suspicious. One of the first lessons for students is to stop and think twice before they click. When admin staff receive an email from a supplier about changing contact details, or using a different form of payment, they should pick up the phone to double-check that it is genuine instead of taking it at face value.