Speak to an expert : Live Chat exa online chat

Knowledge HubTMeducation

How to protect your school from ransomware attacks

Ransomware no bg

The Coronavirus pandemic, and the subsequent UK lockdowns, school closures and remote working has had a lasting impact on schools and teachers.

We’re now in a situation where teachers and students have either used their own computer or a school-provided machine on a home network. This leads to vulnerabilities and potential opportunities for system infection and data theft, due to weaker security when it comes to home connections.

Cyber criminals have quickly adapted their techniques to exploit concerns relating to current trends, resulting in ransomware attacks becoming more focussed, and thus more effective.

What is ransomware?

Ransomware is a form of malware, primarily spread through phishing emails containing malicious attachments that encrypt data on anything from a single computer, all the way up to an entire network. Hackers instil fear and panic into their victims, by demanding a ransom be paid. However, even if the ransom is paid, there is no guarantee that data will be restored or unencrypted. This is known as wiper malware.

How does ransomware impact schools?

The education sector can be a tempting target to cyber criminals, causing huge implications for schools because of the amount of sensitive data they hold. Details about students, staff and financial information are at risk and hackers know if they can put that data in danger, schools will do anything to rescue it.

How to prevent attacks

Having a secure network that only those within your school have access to will help to protect your organisation from potential attacks. Segmenting your network can help limit the spread of ransomware; having a separate network for guests is one way to help prevent unwanted access to your school’s data.

While it’s not necessarily possible to be completely secure from ransomware and other malware attacks, there are some best practices that can help significantly cut down the risk of infection:

Use anti-virus software on all of your devices and configure it to automatically update.
Install the latest software and app updates on all of your devices. This will help protect your device from viruses and hackers.
Make regular backups of your most important files. Ensure that a backup is kept separate from your network, or in a cloud service designed for this purpose.
A lot of malware – particularly targeted attacks – is spread through email. A message may pretend, and appear to be legitimate while containing malware in an attachment. Ensure an email is from a trustworthy source before interacting.
Secure passwords:
Create different passwords for each account and use random words (or letters) and numbers, ensuring this is memorable without using personal information (birthdays, names etc).

Improving employee’s awareness is critical when it comes to limiting the impact of ransomware. Treat suspicious emails with caution. Look at the domain name that sent the email. Check for spelling mistakes, review the signature and the legitimacy of the request. Hover over links to check where they lead to, never click on them without being sure.

Firewalls and Filtering

Firewalls prevent unauthorised access to an individual system or a network of computers. All messages, from an external source or leaving the system, pass through the firewall. If they do not meet security standards they are discarded, working as a filter to block suspicious and unsafe traffic. 

Content filtering services block inappropriate websites which can contain malicious files that can harm your system. They can also block certain file types from being downloaded by unauthorised users, cutting down the chances of a ransomware attack.

What to do if you have been infected

If your school’s network has already been infected with malware you should contact the NCSC. Establishing effective incident management policies and processes will help a school to recover quickly from an attack. If you think you have fallen victim to fraud, contact Action Fraud on 0300 123 2040, and speak to their cyber crime specialists, who can offer useful advice on what to do next.

Suggested Next Read

Related Knowledge Hub™ Articles

The Exa Foundation

Contact us


Contact us

Is DarkLight connectivity best suited to you?

Dark fibre is perfect if you are looking for a potentially limitless, ultrafast connection with complete flexibility and control.

If you fully rely on the internet, a dark fibre connection could be the best option for you.

Is Leased Line connectivity best suited to you?

Leased Lines are best suited to you if you have high bandwidth requirements and need a reliable, uncontended service.

It is ideal for you if you regularly carry out large uploads and downloads, use cloud based services and a VoIP telephone system as well as video conferencing, for everyday communication.

Is GPON connectivity best suited to you?

GPON is a great choice for you if you need gigabit speeds but don’t need them to be symmetrical. It is becoming more widely available across the UK but may not be immediately available to you yet.

Is Rural Fibre connectivity best suited to you?

If you want to make the move to full fibre, but are based in a rural area, this option is for you.

Is FTTP connectivity best suited to you?

If you have a number of users who use cloud-based applications to upload and download data on a daily basis, but don’t transfer large amounts of data, FTTP might be your best option.

Is Gfast connectivity best suited to you?

If your line cannot support a minimum of 100Mbps, this connection is not for you. Gfast must meet the speed as a minimum. 

If your line meets this need, and you’re looking for an ultrafast, consistent and reliable connection without the hassle and upheaval of construction work – this could be a good fit.

It’s worth noting that Gfast is a stop gap to FTTP, and is not a technology that is likely to be around for a long time.

Is FTTC connectivity best suited to you?

If you need more bandwidth but don’t really need a guaranteed speed, FTTC could be for you. It is widely available throughout the UK, making it suitable as a main connection. As this connection provides higher speeds than ADSL, it is also a good option for a back up to a leased line.

As with ADSL, once the PSTN is turned off in 2025/26, FTTC will become virtually obsolete and at the very least you will require FTTP to remain connected.



Office hours

Monday: 8:30am – 5pm
Tuesday: 8:30am – 5pm
Wednesday: 8:30am – 5pm
Thursday: 8:30am – 5pm
Friday: 8:30am – 5pm
Saturday: Closed
Sunday: Closed


Contact us

Office hours

Monday: 8am – 4pm
Tuesday: 8am – 4pm
Wednesday: 8am – 4pm
Thursday: 8am – 4pm
Friday: 8am – 4pm
Saturday: Closed
Sunday: Closed


Contact us

Office hours

Monday: 8am – 5pm
Tuesday: 8am – 5pm
Wednesday: 8am – 5pm
Thursday: 8am – 5pm
Friday: 8am – 5pm
Saturday: Closed
Sunday: Closed

Is DSL connectivity best suited to you?

DSL connections offer very limited bandwidth so it might be right for you if you typically use the internet for less data-intensive tasks. If you’re sending emails, browsing the web, downloading very small files and working with small amounts of data – you should be fine with DSL.

It is worth noting connections based on copper wire, like DSL, will be switched off in the UK by Openreach, with a phased approach due to begin at the end of 2025. If you don’t have a fibre connection at the moment, you’ll need to upgrade this as well as move to a VoIP telephone system.

Technical Support

Contact us

Office hours

Monday: 8am – 6pm
Tuesday: 8am – 6pm
Wednesday: 8am – 6pm
Thursday: 8am – 6pm
Friday: 8am – 6pm
Saturday: 10am – 4pm
Sunday: 10am – 4pm