Schools as a target
There are approximately 24,000 schools in England and 10 million students, all served by different IT infrastructure and systems. This creates a system that cyber attackers can exploit. Schools also have:
- high-value, special category personal data including safeguarding records, SEND assessments, and medical and psychological information about children
- pressure to avoid disruption to education, meaning ransomware attackers can exploit fixed deadlines (exams, results day, term starts) to maximise pressure to pay
- relatively weak defences - many schools have limited or no dedicated cyber security resource and old systems
- many ways attackers can enter systems with often thousands of user accounts, internet-facing systems, and bring-your-own devices
- an over-reliance on a few key suppliers - schools depend on a small number of Management Information Systems (MIS) vendors cloud platforms and suppliers meaning a compromise at one supplier can affect hundreds of schools. 82% of primary schools outsource their IT, and often don't have full oversight of the supplier's security protections.