Skip to content
All posts

Cyber Attacks on Schools – Why They Are Increasing and What We Can Do?

In the last few years, UK schools have increasingly become prime targets for cybercriminals. The idea that schools would be at the forefront of cyber attacks might once have seemed far-fetched, but the digital landscape has changed. Education systems, like those in business, healthcare, and government sectors, are now dealing with a new and evolving crisis: cyber threats that have the potential to cripple entire school networks, disrupt the learning process, and cause significant financial and emotional damage.

This is not just a technical issue – it’s a human one. When schools face downtime due to a cyber attack, the whole ecosystem suffers. Teachers are unable to deliver lessons, students lose valuable time, and the already stretched IT teams are left scrambling to fix the damage. In the worst cases, schools have been forced to close for days or even weeks while trying to recover.

And here's the harsh reality: the number of these attacks is increasing. Many school networks are vulnerable, often due to insufficient cybersecurity measures. Cybercriminals are exploiting these vulnerabilities, knowing full well that many educational institutions are unprepared to respond quickly. The costs – both financial and psychological – can be devastating.



Why Are Schools Being Targeted?

So why are schools becoming prime targets for cybercriminals? There are several reasons:

1. Valuable Data: Schools hold vast amounts of sensitive data, including personal information about students, staff, and even parents. This data can be sold on the dark web or used for identity theft. Schools also process financial information and payroll data, making them lucrative targets.

2. Limited Resources: Many schools are operating on tight budgets, and cybersecurity often isn’t seen as a priority. Schools may not have the funds to invest in the latest technology or dedicated cybersecurity professionals. This makes them more vulnerable than other sectors.

3. Remote Learning Expansion: The COVID-19 pandemic dramatically increased the use of online learning platforms and cloud-based services, creating more points of entry for potential attacks. While remote learning has been a lifeline, it has also opened up new vulnerabilities for attackers to exploit.

4. Low Awareness: There’s often a lack of awareness or training when it comes to cyber threats in schools. Staff and students may not know how to spot phishing emails or use secure passwords. This makes it easier for cybercriminals to launch successful attacks.

5. Perceived as Soft Targets: Cybercriminals are opportunistic. They tend to target sectors they believe are unprepared or less protected. Unfortunately, many schools are seen as "soft targets" – institutions that have lower levels of protection but still hold valuable information.

 

The Fallout of a Cyber Attack: More Than Just Downtime

It’s easy to think that a cyber attack only affects technology, but the reality is that it affects the entire school community. Here’s how:

  • Disruption to Teaching and Learning: When IT systems go down, teachers can’t access lesson plans, resources, or even the registers. In a world where education is increasingly digital, the classroom grinds to a halt. For students, this means lost learning time, disrupted routines, and an overall impact on educational progress.
  • It’s Not Just “IT” Systems – Every Part of School Life Is Affected: When a cyber attack occurs, it’s not just the computers or email systems that are impacted. Essential services such as cashless catering, library systems, door access controls, CCTV, payroll and salary systems, accounting and payment platforms, and exam results can be compromised. The ripple effect of these disruptions can grind the entire school’s operations to a halt, making recovery even more difficult and costly.
  • Stress on IT Teams: IT support staff are often the unsung heroes of a school, keeping everything running behind the scenes. However, when a cyber attack occurs, they’re often blamed for not preventing it – even though many attacks happen because of factors outside their control. The stress of dealing with these crises can lead to burnout, resignation, or long-term mental health issues.
  • Financial Costs: Recovering from a cyber attack is expensive. Schools may need to pay for external experts, replace compromised hardware, and deal with any legal consequences of data breaches. This adds pressure to already tight budgets, forcing schools to make tough financial choices.
  • Reputational Damage: Parents and the wider community place a great deal of trust in schools to protect their children’s personal data. A cyber attack can undermine that trust and damage the school’s reputation. Parents may begin to question the institution’s ability to protect students’ information and, in some cases, may even consider alternative schools.


The Role of Cybersecurity: Prevention Is Key

So what can schools do to protect themselves from these growing threats? The answer lies in prevention. One of the most effective ways schools can safeguard their networks is by implementing Multi-Factor Authentication (MFA). By adding this extra layer of security, even if a password is compromised, it becomes much harder for attackers to gain access to sensitive systems and data. We’ll be covering this in much more detail in an upcoming post in this series, so stay tuned.

But MFA is just one part of a larger strategy. The Department for Education (DfE) has outlined cybersecurity standards that all schools should follow to ensure they’re doing everything they can to prevent attacks. These standards include implementing robust security policies, providing regular training to staff, and maintaining up-to-date antivirus and firewall protection.

Schools can also take advantage of free tools provided by the National Cyber Security Centre (NCSC), which are designed to help institutions assess and improve their security posture.

  • My NCSC offers schools personalised security advice and access to guidance on best practices.
  • NCSC Cyber Security for Schools provides essential guidance, resources, and tools tailored specifically to help schools strengthen their cyber defences and protect against common threats.
  • NCSC Domain Check allows schools to test the security of their email domains and flag any potential vulnerabilities.
  • NCSC Mail Check helps schools ensure that their email systems are properly configured to prevent phishing and other email-based threats.

At the ANME, we know that schools are under immense pressure, which is why we offer free, printer-friendly versions of the DfE standards on our website. These resources are designed to be accessible and practical, making it easier for schools to adopt best practices.


The Bigger Picture: Protecting Wellbeing and Ending Blame Culture

It's critical to recognise that while cybersecurity is often thought of as a purely technical issue, the ripple effects go far beyond IT systems. When a cyber attack happens, IT support teams often find themselves unfairly blamed, even though many of these incidents involve human error or social engineering tactics beyond their control. In fact, according to the 2024 Verizon Data Breach Investigations Report, a staggering 68% of breaches involved a human element – whether through phishing, compromised credentials, or simple mistakes.

This statistic highlights the need for schools to adopt a broader approach to cybersecurity – one that doesn’t focus solely on technology but also prioritises training, awareness, and teamwork. Blaming IT teams for breaches ignores the reality that cybersecurity is everyone’s responsibility. The focus should be on creating a culture of cybersecurity awareness throughout the school, where staff and students alike understand their role in keeping systems secure.

Blame culture is not only unfair, but it can also lead to long-term consequences for the wellbeing of IT staff. The stress of being held accountable for incidents they couldn’t have prevented can lead to burnout, resignations, and increased turnover – leaving schools even more vulnerable in the future.

Instead of pointing fingers, schools should be investing in proactive measures like Multi-Factor Authentication (MFA), using tools like NCSC’s Mail Check, and following the DfE’s cybersecurity standards. This helps create a supportive environment where IT teams can focus on prevention and resilience, rather than firefighting crises.


Introducing Our Cybersecurity Series

This post marks the beginning of our Safeguarding Schools with Cybersecurity series, where we will explore the following key areas in the coming weeks:

  • Edition 2: Multi-Factor Authentication – A Game Changer for Schools
    We'll dive deeper into MFA and how it can significantly reduce your school's risk of being compromised by cybercriminals. Practical tips and resources will be shared to help you get started.
  • Edition 3: The Human Impact of Cyber Attacks – How Downtime Disrupts Teaching and Learning
    Explore the real-world consequences of cyber attacks on the educational process and how schools can mitigate these disruptions.
  • Edition 4: Blame Culture and IT Wellbeing – Why IT Support Teams Need Our Backing
    We’ll focus on the wellbeing of IT teams, highlighting the importance of support systems to avoid blame and stress during crises.
  • Edition 5: Prioritising Mental Health in IT – How Schools Can Create a Healthy Work Environment
    Discover how schools can implement policies and practices to protect the mental health of IT staff, especially during periods of heightened pressure.
  • Edition 6: Cybersecurity Is a Team Effort – Everyone Has a Role to Play
    Cybersecurity doesn’t fall solely on the IT department. This post will explore how to foster a culture of vigilance and security across the entire school.


Each edition will offer actionable insights and direct schools to helpful resources, including links to the DfE standards where appropriate. 


Let’s Make Cybersecurity a Priority

At the end of the day, protecting schools from cyber attacks is not just about protecting IT systems – it’s about safeguarding students, staff, and the future of education. By making cybersecurity a priority, adopting best practices like MFA, and supporting IT teams, we can prevent attacks before they happen and ensure that our schools remain safe and functional.

Start by exploring the DfE cybersecurity standards, downloading the ANME's printer-friendly resources here: anme.co.uk/dfe-standards, and using the NCSC's free tools: My NCSC, NCSC Domain Check, NCSC Mail Check, NCSC Cyber Security for Schools. And have a read of the free Secure Schools Cybersecurity handbook too.

Blog post written by ANME, Official Partner of the Schools & Academies Show Birmingham 2024