The National Cyber Security Centre (NCSC) issued advice in March 2021, having already done so in 2020, about an increase in targeted ransomware attacks on the UK education sector.

Attacks took place against schools, colleges and universities in the UK, including the Harris Federation, Castle School Education Trust and Newcastle University, and likely sought to exploit the increase in use of digital platforms for learning.

It’s not just schools that are affected either. Big four UK accounting firm KPMG found, in a COVID-19 focussed study, that the risk of ransomware generally had increased as a result of things like remote working and the ability of cyber criminals to use health-related matters as bait to engage victims.

The impact of ransomware

Ransomware is among the most devastating of the ‘mainstream’ cyber-attacks.

If the data is so important it cannot be lost, and there are no effective methods to recover or restore it, paying the ransom may be the only option. US ransomware recovery firm Coveware estimate that the median ransom payment at the end of 2020 was almost $50,000.

Choosing not to pay avoids this cost, but means that either the data will be lost, or costs of one sort or another will be incurred in recovering from the attack. The 2019 UK Government Cyber Security Breaches Survey found the average cost to micro and small businesses of attacks where data was lost, including ransomware, was £3,650.

Ransomware attack vectors

The ‘attack vector’ is the method the attack uses to perform a malicious action. Three of the most common ransomware attack vectors are:

  • Email
  • Remote access
  • System vulnerabilities

Find out more about how ransomware spreads in our Think IT Insights ransomware article.

Ways to protect against ransomware

Here are some practical steps you can take to protect yourself against ransomware:

  1. Make regular offline backups
  2. Use good anti-malware solutions
  3. Keep systems up to date
  4. Use least privilege
  5. Increase user awareness

These steps are set out in more detail in our ‘Ransomware Explained’ Think IT Insights article. If you need help with any of this, as always just drop us a line or give us a call and we’ll assist with whatever you need.

What to do if you’ve become infected with ransomware

We’ve set out some important steps to take in our Think IT Insights ransomware article if a ransomware infection has occurred.

If you need urgent help, contact us by phone (01392 435803), email ( or both.


Ransomware is a type of malware that prevents access to a computer system or to data, and requests that the victim pays a sum (the ‘ransom’) to regain access. Read more about ransomware {insert link to Insights article}.

The National Cyber Security Centre (NCSC) is the UK Government organisation responsible for advising and supporting the public and private sectors in improving cyber security, and is part of Government Communication Headquarters (GCHQ). Find out more in our Think IT Insights NCSC article.