Billericay School cyberattack lead to all systems being encrypted rendering important data inaccessible.
Billericay School Cyberattack: What Happened?
The Billericay School in Essex, UK was forced to close for a day after suffering a significant cyber attack which impacted their internal IT systems.
In a letter sent to parents, headteacher Mr. P. Berry informed them that the school’s entire IT network had been compromised in a complex encryption incident, rendering all systems inaccessible.
Mr. Berry stated that whilst the school had industry standard security measures like firewalls, antivirus, and kept systems updated, the attackers were still able to breach their defenses and encrypt critical files. This led to a situation where the school could no longer safely and effectively operate without access to digital resources and systems stored on their network.
In order to allow teachers time to prepare alternative lesson plans that did not rely on IT systems, it was decided to close the school for Monday, June 3rd, 2024 to deal with the significant cyber incident. However, examinations for students in Years 11, 12 and 13 would still take place as planned. Younger students in Years 7-9 were instructed to use remote learning platforms until systems were restored.
For those eligible, packed lunches would be provided at the main reception between 11:30am-1:30pm on the day of closure to ensure students did not go without food. In the letter, Mr. Berry acknowledged the additional disruption this may cause families but felt it was necessary considering the gravity of the incident and need to fully assess the impact before safely reopening.
Cyber Attackers Targeting Schools on the Rise in UK
Attacks on educational institutions is on the rise. The Billericay School cyberattack is just another example of it. Similar cyber incidents have been growing in recent years according to experts. Most of the incidents is are caused by ransomware, where the aggressor encrypts files until a payment is made to restore access.
Similarly, in January 2023, sensitive data from 14 UK schools was leaked online after ransomware affiliates Vice Society grew dissatisfied with negotiation progress. Information exposed included details on pupils with special education needs, passport scans, employee salaries and contracts.
Then in September 2023, the start of term was delayed for some schools after disruptive ransomware attacks over the summer holidays left them scrambling to get systems back up in time.
While the full nature and scope of the cyberattack on Billericay School remains under review, it serves as a reminder that no organization is impenetrable and constant investment is needed to withstand evolving cyber threats – no matter the industry standard security precautions in place.
The Billericay School cyber incident demonstrates how even those following best practices can fall victim to ransomware. With digital dependence growing across all sectors including education, more sophisticated hackers will continue targeting perceived weak points like schools for sensitive data or extortion payments.
Ongoing security awareness and prompt response is critical to minimize disruption from the rising tide of cyber threats. The full cost of the Billericay School cyberattack in Essex is still being determined.
