London-based education trust Harris Federation appears the latest victim of a ransomware attack. The incident caused the trust to pull its systems offline and disconnect students’ devices to contain the attack.
Harris Federation Suffered Ransomware Attack
Reportedly, Harris Federation, a non-profit education trust running 50 academies that educate 37,000 students, has suffered a ransomware attack.
The news surfaced online after the trust disclosed the incident via a tweet. Backing their case, Harris Federation quoted NCSC’s latest alert in which NCSC warned of targeted ransomware attacks on UK’s educational institutions.
Sharing the details on their website, Harris Federation revealed that the incident happened on March 27, 2021. The organization calls itself the fourth victim of such an incident following at least three other similar incidents in March.
Following the attack, the trust had to pull its various systems, including the internet-connected telephone systems, offline.
As a precaution, we have temporarily disabled our email system. Our telephone systems, which run on the internet, have also been disabled but each academy switchboard has been diverted to a mobile telephone. Switchboard services are therefore very limited and we would ask that you temporarily avoid telephoning us or any Harris academy other than to report absence or in emergencies.
Also, they disabled the students’ devices out of caution.
Investigations Underway
Currently, Harris Federation is continuing with the investigations as it involved the cybersecurity professionals, National Crime Agency, and the National Cyber Security Centre.
Hence, they haven’t shared any precise details of the attack besides calling it a “sophisticated attack” that impacted its systems.
Recently, the FBI also issued a security alert hinting at increased ransomware attacks targeting the UK and the US K-12 institutions. Specifically, they mentioned PYSA ransomware to conduct these attacks.
However, in the case of Harris Federation, Bleeping Computer hints of REvil involvement. Though, they couldn’t independently verify it yet.