Back to News

3 easy ways you can minimise the risk of cyberattacks on your school

The National Cyber Security Centre advises schools to take preventive measures now against cyberattacks

cyberattacks on your school

Cyber security is an issue for businesses and the education sector alike. But in the past few months, added pressure has been placed on the education sector to take positive action to deter potential cyberattacks after schools, colleges, and universities were reporting an unprecedented number.

Earlier this year, The National Cyber Security Centre, the ESFA, and the Metropolitan Police recommended schools be vigilant and take every precaution to protect themselves from these ransomware attacks. The warning came after Microsoft released multiple security patches to address the vulnerabilities of the Microsoft Exchange Server after it had been exploited by the group known as HAFNIUM. 

The vulnerabilities affect the following Microsoft Exchange Servers:

  • Microsoft Exchange Server 2013
  • Microsoft Exchange Server 2016
  • Microsoft Exchange Server 2019

The Autumn term has barely started, and we can only imagine how hectic school life is right now. So to help, we’re highlighting 3 easy ways you can minimise the risk of cyberattacks on your school:

  1. Use the latest antivirus software

The first recommendation is to check that antivirus software is installed, working, and up to date on all computers as online criminals have systems constantly scanning for email systems to find and attack. 

And note that cybercriminals do not target large schools only! 

  1. Install the latest updates 

Although you may not be sure whether your email is running on a server that uses Microsoft Exchange, it’s essential to find out and learn which updates are necessary.

Your tech team or IT provider will be able to offer expert advice. Act on their advice immediately as the longer systems are unprotected, the higher the probability of being compromised. 

Once patches are installed, don’t assume you are fully protected. If a cyberattack has been successful and infiltrated your system, it can often remain undetected for weeks or months; sitting in the background and waiting for the optimum moment to perform sometimes irreparable damage.

  1. Back up your data regularly

Check you have software that performs regular, valid backups and your recovery processes are tested. Further information on how to avoid losing your data is available from the NCSC. They also have practical cyber security resources for schools.

BONUS actions you can take now

Many specialist IT companies and online forums offer free advice to help deter the cybercriminals targetting your sector and improve cyber security in your school.

For example, these further actions will give added protection against cyberattacks:

  • Use Multi-factor Authentication wherever possible
  • Train staff about phishing emails and cyber security risks
  • Add cyber security to your school’s business continuity plans (check out this NCSC Guidance)
  • Add cyber security to your school’s risk register
  • Implement a Cyber Security Policy
  • If your computers are still using Windows 7, make plans to replace/upgrade them. 

Speak to our team for advice on sourcing high quality and low cost refurbished laptops as replacements for outdated IT devices. We would be happy to help!