CRIMINAL hackers who launched a cyber attack on a Bolton college have 'stolen' data in what is believed to be a ransomware threat.
The Sixth Form Bolton is the latest in a number of UK schools, colleges and universities to have suffered the cybersecurity incidents.
The 'extent and nature' of the data breach, which happened just before the start of term, is still being investigated and the college said that individuals believed to be affected have been contacted.
The National Cyber Security Centre (NCSC) issued an alert on Thursday to the education sector following an increase in hacking attempts around the start of the new academic year.
Ransomware attacks involve the encryption of an organisation’s data by cyber criminals, who then demand money in exchange for its recovery.
The centre says it dealt with several ransomware attacks against education establishments in August, which caused varying levels of disruption, depending on the level of security.
In a statement, The Sixth Form said: "The Sixth Form Bolton can confirm that we have been the target of a cyber-incident. As soon as we became aware of the incident, we engaged a group of external specialists who launched an investigation and also took immediate action in order to mitigate the impact. We reported the incident to the Information Commissioner’s Office (ICO) as well as the police, and other regulatory bodies as appropriate.
"The forensic analysis is still ongoing; however, we have now been informed of some data being exfiltrated. As a result, whilst we are not yet in a position to confirm the extent or nature of the information that may have been impacted, we have taken the precautionary measure to inform any individuals this may affect. We are working hard to conclude the investigations and will be in touch with any individuals impacted directly as soon as possible.
"We take the security of our system extremely seriously, and are doing everything in our power to support students, parents and colleagues who remain our number one priority."
Brett Callow, a senior researcher at cyber security company Emsisoft, says he believes The Sixth Form Bolton been subject to a ransomware attack.
He said: “Ransomware groups used to simply encrypt their victims’ data, but in November last year started to steal it too. They use the threat of releasing the data - or auctioning it, sometimes - as additional leverage to extort payment.
“Organizations in this situation have two problems to deal with: what to do about the fact their data has been encrypted and what to do about the fact it’s been stolen.
“The criminals’ demands have increased significantly over the last couple of years and the average is will now be somewhere between $150,000 and $250,000 USD. The highest demand we know of is $42 million.”
Paul Chichester, Director of Operations at the NCSC, said: “We are absolutely committed to ensuring UK academia is as safe as possible from cyber threats, and will not hesitate to act when that threat evolves.”
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel