Special police task force takes on global cyber mafia to rescue Blackpool schools from £1.2million ransom
and on Freeview 262 or Freely 565
Fylde Coast Academy Trust remains in the grip of Rhysida - a notorious criminal group of hackers who seized control of its IT systems in September.
Affected schools include Blackpool’s Armfield, Aspire, Montgomery and Unity high schools and Gateway, Mereside, Westcliff and Westminster primary schools. Hambleton Primary Academy and Garstang Community Academy are also affected.
Advertisement
Hide AdAdvertisement
Hide AdThe ransomware gang, who operate internationally, are threatening to expose personal data stolen from school servers if the huge ransom is not paid.
The clock is ticking and time is running out...
Rhysida have given the academy trust until Tuesday (November 12) to hand over the cash. If it fails to pay, the hackers say they will sell personal data relating to staff and pupils to other criminal groups on the dark web, or otherwise make it publicly available online.
Fylde Coast Academy Trust reported the breach to Lancashire Police but the force escalated the incident to the North West Regional Organised Crime Unit (NWROCU), who are leading the investigation as they try to rescue the schools from the clutches of the global crime group.
Created in 2009, NWROCU is funded by the six police forces that make up the North West region, with Merseyside Police being the lead force. It’s made up of officers and staff from across the region who offer specialist skills to identify, disrupt and dismantle organised crime groups.
Advertisement
Hide AdAdvertisement
Hide AdThe specialist police unit is tasked with cracking the most serious and organised crime networks, including drugs and human slavery gangs.
You can read more about how the hackers have affected Fylde Coast Academy Trust here.
“No comment”
We approached NWROCU and asked how it is taking the fight to Rhysida and whether it is confident it will be able to save Fylde Coast Academy Trust from the gang before the ransom deadline.
We also asked what capabilities it has to tackle organised criminal groups operating online and outside the jurisdiction of the UK.
Advertisement
Hide AdAdvertisement
Hide AdHowever, the task force failed to respond to our enquiries and remains tight-lipped about its battle with the Rhysida hackers.
Who are Rhysida?
Rhysida is a hacker group and "ransomware as a service" provider already known for its attacks on vital infrastructure such as schools, hospitals and government agencies, having become known to intelligence services in May 2023.
In October 2023, the group attacked the online information systems of the British Library. They demanded a ransom of 20 bitcoin, at the time around £596,000, to restore services and return the stolen data.
When the British Library did not concede to the demand, Rhysida publicly released approximately 600GB of leaked material online. It has been described as "one of the worst cyber incidents in British history". It reportedly cost the British Library around £6–7 million to recover from the attack.
Advertisement
Hide AdAdvertisement
Hide AdThe British Library attack was part of a larger pattern of cyberattacks against institutions around the world. Previous attacks affected the Metropolitan Opera in New York City, Natural History Museum in Berlin and Seattle International Airport, as well as the Chilean army.
Rhysida has a history of following through with its threats to release copious amounts of personal and sensitive data when its ransom demands are not met.