Government warns of ‘significant increase’ in cyber crime against academy trusts

School leaders have been urged to take action following a “significant increase” in cyber crime against academy trusts in the past year.

According to an update published today by the Education and Skills Funding Agency, some trusts have also “already experienced incidents of fraud”.

We are aware of a significant increase in incidents of cyber crime against academy trusts in the past year

Data from the Information Commissioner’s Office shows that the number of cyber-attacks on schools has risen by 69 per cent in a year. Between July and September 2017, there were 26 such reports. In the same period this year, there were 44.

At the same time, the ESFA received 39 notifications of fraud and theft last year, and dealt with 31 cases of fraud or financial irregularity allegations.

“We are aware of a significant increase in incidents of cyber crime against academy trusts in the past year and that some of you have already experienced incidents of fraud,” the ESFA stated in its update.

“You should therefore have addressed potential internal control and procedural weaknesses to reduce further risks arising.”

Leaders are urged to “familiarise” themselves with government guidance on reducing risk of financial irregularities and “take any necessary action to improve your counter fraud arrangements”.

“Fraud, theft and irregularity are a constant risk to public funds. The government estimates that fraud costs the public sector between £31bn and £49bn per year.”

In government guidance issued on the matter, organisations are urged to use firewalls, antivirus software and strong passwords, routinely back up data and train staff to ensure they check emails are from genuine senders and understand the risks of using public wifi and not following payment checks and measures.

Last March, Schools Week revealed how fraudsters impersonating headteachers managed to con schools out of £145,124.

And in May 2017, schools were urged to develop stringent “hack plans” following a global cyberattack which took down the NHS’s computer systems.