This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/cy8d0x0yxe1o
The article has changed 8 times. There is an RSS feed of changes available.
| Version 2 | Version 3 |
|---|---|
| Exam revision disrupted as cyber attackers target Edinburgh council | Exam revision disrupted as cyber attackers target Edinburgh council |
| (about 5 hours later) | |
| Parents have been sent texts telling them that students' passwords have been reset as a precaution | Parents have been sent texts telling them that students' passwords have been reset as a precaution |
| Pupils in Edinburgh were cut off from revision resources ahead of key exam dates after an attempted cyber attack on the council's education department. | |
| Staff spotted a suspicious invitation to a meeting earlier on Friday and realised it was "spear-phishing" - which impersonates a trusted source. | Staff spotted a suspicious invitation to a meeting earlier on Friday and realised it was "spear-phishing" - which impersonates a trusted source. |
| Parents were sent texts telling them that students' passwords have been reset as a precaution - meaning pupils studying for exams no longer had access to their school's learning resources. | |
| Pupils have been going into schools to be given new passwords. | |
| On Friday night, the council said pupils preparing for exams would be given priority support following what it called a "difficult but necessary" decision. | |
| It follows a suspected criminal ransomware cyberattack on schools in West Lothian earlier this week. | It follows a suspected criminal ransomware cyberattack on schools in West Lothian earlier this week. |
| Edinburgh Council's education, children and families convener James Dalgleish said staff spotted "unusual and suspicious activity" on the schools and early years IT network. | |
| He added: "As a result, we took the precautionary decision to immediately reset passwords for all users across our education service. | He added: "As a result, we took the precautionary decision to immediately reset passwords for all users across our education service. |
| "I fully appreciate the impact this will have, particularly on those students preparing for their exams next week – but, unfortunately, we had no choice. This was a difficult but necessary decision to ensure our networks remain secure and protected." | "I fully appreciate the impact this will have, particularly on those students preparing for their exams next week – but, unfortunately, we had no choice. This was a difficult but necessary decision to ensure our networks remain secure and protected." |
| The council said no data had been compromised by the attempted attack. | The council said no data had been compromised by the attempted attack. |
| New passwords | |
| Exams began on Friday 25 April with key dates in the coming week, including the Higher maths exam on Monday. | Exams began on Friday 25 April with key dates in the coming week, including the Higher maths exam on Monday. |
| Pupils were told they could access their personal revision materials by going to their schools on Saturday morning. | |
| A member of staff then issued them with a new password, while an online help page has been set up by the council. | |
| Spear-phishing usually differs from typical phishing attacks by being more focused, as opposed to the quantity of targets a usual phishing message will be sent to. | Spear-phishing usually differs from typical phishing attacks by being more focused, as opposed to the quantity of targets a usual phishing message will be sent to. |
| Messages in spear-phishing can be more personalised, in an attempt to trick the victim into believing it is from a genuine contact. | Messages in spear-phishing can be more personalised, in an attempt to trick the victim into believing it is from a genuine contact. |
| Tech companies like Twitter, now X, have been attacked via spear-phishing in the past. | Tech companies like Twitter, now X, have been attacked via spear-phishing in the past. |
| Students in Edinburgh use council-provided iPads, as part of the local authority's Empowered Learning programme. | Students in Edinburgh use council-provided iPads, as part of the local authority's Empowered Learning programme. |
| Second attack | Second attack |
| West Lothian Council had to resort to contingency measures to keep schools open earlier this week after the local authority's education network was attacked. | West Lothian Council had to resort to contingency measures to keep schools open earlier this week after the local authority's education network was attacked. |
| A spokesperson for the council said there was no evidence any personal or sensitive data had been accessed in the attack. | A spokesperson for the council said there was no evidence any personal or sensitive data had been accessed in the attack. |
| Ransomware is a type of malware which prevents someone from accessing a device and the data stored on it, usually by encrypting files, according to the National Cyber Security Centre. | Ransomware is a type of malware which prevents someone from accessing a device and the data stored on it, usually by encrypting files, according to the National Cyber Security Centre. |