In the Cyber Security scene, staying on top of the latest Cyber threats and trends is imperative to prepare for them. In this blog, we’ll look at a recent trend identified in Ransomware attacks within the UK.

To start with, let’s look at what the Ransomware attacks are themselves.


The type of Cyber attacks

The education sector in the UK is being hit far more often by Ransomware attacks recently than in other countries last year.

Ransomware is a type of malware that threatens to publish the victim’s data or permanently block access to it unless a ransom is paid off.

Additionally, the findings from April 2022 to March 2023 are based on known attacks where victims opted not to pay a ransom, so it’s likely the real figure is much higher.

It revealed that the education vertical accounted for 16% of attacks in the UK compared to 4% in France and Germany, and 7% in the US.


Where the Ransomware attacks originate

However, you may be wondering just where these attacks came from and why.

A report from Malwarebytes claimed the primary reason for this disparity was down to Vice Society.

You may be wondering who the Vice Society are, so we’ll give you a quick rundown.

The Vice Society is a hacking group known for ransomware extortion attacks on healthcare and educational organizations.

Their specific identities of course are unknown, however, they are believed to be Russian-speaking. Furthermore, they target those in both Europe and the United States.

The UK is one of Vice Society’s favourite targets, accounting for 21% of the group’s known attacks in the past 12 months, a close second to the US which accounted for 23%, and vastly more than the next country, Spain, which accounted for 8%.

Approximately 76% of Vice Society’s known attacks in the UK over the past 12 months hit the education sector, and Vice Society was responsible for 70% of known attacks on UK education institutions.

Even in 2022, the Vice Society’s rate of Ransomware was at large, and it hasn’t slowed down since. The infographic below shows the number of organisations they have attacked (and listed on their site) compared to other large hacking groups.

Ransomware infographic

Case Study Example-  Pates Grammar School

In January 2023, Vice Society attacked Pates Grammar School which is based in Gloucester.

The hack at Pates is estimated to have taken place when the school emailed parents to say it’s IT systems and phone lines were down. A few days later the headmaster issued a statement that their systems had been “accessed by an unauthorised third party”.

The documents that were later leaked onto the deep web, allegedly included children’s SEN information, child passport scans, staff pay scales and contract details, taken in 2021 & 2022.

As you can see from this real-life example, the UK Education Sector is still very vulnerable to these attacks.


Why was the UK so vulnerable to this Ransomware?

Another important part of explaining this trend is finding why the UK Education sector is so vulnerable to this increase in the first place.

In 2022, several people involved in providing cyber protection for UK schools were interviewed. The overall response was quite consistent: minimal numbers of IT staff were put under tremendous pressure and were ill-equipped to fight off the attack of a ransomware gang like Vice Society.

Overall, the UK suffered more ransomware attacks than any other country bar the US over the past 12 months. However, when we look at an economic loss by GDP Per Capita, Canada and Spain are the hardest hit countries globally.



You may be wondering what the takeaway from this recent trend is and how we could better defend the Education Sector in the UK in the future.

Our overall conclusion is that this should be taken as a reminder of why everyone should invest time, effort and money into their Cyber Security, whether you are an individual, business or organisation.

This is because anyone can be a target for a Cyber attack online, and the consequences of suffering without appropriate protection can be disastrous. Not only can businesses lose money from this, but also their reputation if their customer’s data is leaked.

Because of this, we strongly suggest you consider Cyber Security training or a governmental scheme for your business like Cyber Essentials.

We hope you’ve liked this blog and that you’ll stick around to see our future releases, covering everything from recent IT News to Knowledgebase articles. Thanks for reading!