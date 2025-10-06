Share



UK secondary schools are facing a widespread cyber threat, with six out of ten reporting a cyber-attack or security breach in the past year.

This figure, derived from a new UK government survey, highlights the education sector’s particular vulnerability, as schools and universities are now more likely to be targeted than private businesses.

The data reveals that the risk is highest for larger institutions, with eight out of ten further education colleges and nine out of ten higher education institutions suffering an attack over the same period.

By comparison, only four out of ten private businesses reported similar incidents. The most common form of attack across the sector is phishing emails, which attempt to trick recipients into divulging sensitive information, such as passwords.

The high rate of incidents is attributed less to deliberate, specific targeting and more to the “dragnet of cybercrime attacks” sweeping the internet.

Toby Lewis, Global Head of Threat Analysis at Darktrace, suggests an “element of randomness and opportunism” in the targeting, with threat actors – often known as “initial access brokers”- selling access to compromised systems to larger hacking groups.

However, certain factors make educational bodies particularly susceptible. State schools are often more vulnerable due to funding pressures and a lack of specialist expertise to bolster their defenses.

Meanwhile, universities are attractive targets because their networks are designed for academic cooperation, making them more open, and they host thousands of students who may not be cybersecurity-literate. This lack of robust defence and wide-open access makes them easier targets than more secure private businesses.

The Department for Education has responded by assuring schools of a range of support, including a dedicated incident response team and free training in partnership with the UK’s National Cyber Security Centre.

Despite these efforts, ransomware attacks remain a “major risk” to the sector, with Ministers reportedly preparing proposals to ban public bodies from making ransom payments to deter future assaults.

