NEBRC Logo

Ransomware warning for educational institutions 

Facebook
Twitter
LinkedIn

A Russian ‘ransom-are-as-service’ gang, known as Hive, has demanded £500,000 from two sixth-form colleges in Bedfordshire, under threat of leaking stolen confidential data online.

Parents of pupils were contacted directly by members of the ransomware group who warned that their children’s personal information, including addresses, bank details, and medical records, would be leaked online if the Wootton Academy Trust fails to pay the ransom.

Despite this, the Trust said the disruption was limited, but that it had affected scheduling for next year along with the production of some grade sheets. Data is set to be retrieved from backups and it is hoped that services will resume as normal within 10 days.

However, Hive believes that the Trust has £500,000 worth in cyber insurance, which it is demanding to return the stolen data and there are concerns that the gang will release the data onto the dark web regardless of receiving a ransom as the information is so valuable.

Hive was first observed in June 2021 and had targeted 355 organisations by the end of the year. 

The group are increasingly targeting education and healthcare providers in the US, UK, Spain, andTurkey, and has been linked to 16 known attacks in 2022 so far.

Ransomware attacks have more than doubled in the UK since 2020, with 21% of businesses identifying sophisticated attacks such as these in 2022.

If you are the victim of a ransomware attack, please contact the police and Action Fraud immediately – do not pay the ransom.

For more support and guidance on ransomware, please contact the NEBRC at [email protected]

The NEBRC is a not-for-profit police-led company that aims to educate, inform, and support businesses across the UK on cyber security and online crime.