Online Safety Update

Created for all Northumberland Senso Safeguarding Users

Ransomware threat to schools - important information on keeping your data and school network safe and secure

I would like to make you all aware of a heightened threat relating to PYSA Ransomware and other Ransomware variants. Instances have been reported across the region and are on the increase nationally. The ransomware is capable of encrypting data AND backups kept on the network. There are early indications that Academic Institutions may be a target for this Ransomware.

Information from the National Cyber Security Centre highlights the risk for schools:

An increasing number of schools and colleges are being seriously impacted by cyber incidents: perhaps a phishing attempt to steal money and passwords, or a ransomware attack that encrypts files preventing access. But why?

• Many cyber incidents are untargeted.

They can affect any school that doesn’t have basic levels of protection.

• Schools hold plenty of sensitive information.

For example, staff and parents’ bank details, medical information about students, safeguarding records. All this has to be kept safe and confidential.

• Cyber criminals want to make money.

They understand that an organisation’s information is often sufficiently important to that organisation that they might be prepared to pay a ransom to get it back.

Please find links to training, advice and resources below to help reduce the risks of experiencing a significant cyber incident.

Resources for schools - downloadable copies of cyber security information cards

These cards have been designed to help all those who work in schools understand what cyber security is, how it’s relevant and what steps they can take to raise their school’s resilience to cyber incidents.

The NCSC’s new e-learning package

The NCSC has produced a new e-learning training package: 'Stay Safe Online: Top Tips for Staff'. It’s totally free, easy-to-use and takes less than 30 minutes to complete. The training introduces why cyber security is important and how attacks happen, and then covers four key areas:

  • defending yourself against phishing
  • using strong passwords
  • securing your devices
  • reporting incidents ('if in doubt, call it out')

The training is primarily aimed at small organisations like schools, but can be applied to any organisation, regardless of size or sector. It's been deliberately designed for a non-technical audience (who may have little or no knowledge of cyber security), with tips that complement any existing policies and procedures. Further information can be found by following this link:

Mitigating malware and ransomware attacks - how to defend your school

Schools are recommended to share and discuss this information with their technical support staff.

This guidance helps all private and public sector organisations deal with the effects of malware (which includes ransomware). It recommends steps to take before a malware infection has occurred, but also suggests steps to take if you're already infected.

Following this guidance will reduce:

  • the likelihood of becoming infected
  • the spread of malware throughout your organisation
  • the impact of the infection

For information about protecting your devices at home, please read the guidance especially for individuals and families.

Steps to take if you believe your school may already be infected

If your school has already been infected with malware, these steps may help limit the impact of the infection.

  1. Immediately disconnect the infected computers, laptops or tablets from all network connections, whether wired, wireless or mobile phone based.
  2. Consider whether turning off your Wi-Fi and disabling any core network connections (including switches) might be necessary in a very serious case.
  3. Seek technical support immediately from the NCC helpdesk (01670 627004), and by sending an email to