Laptops handed out by the Department of Education to support home-schooling of vulnerable children during the lockdown have been found containing remote-access malware.
According to reports, laptops supplied by the Department for Education to schools supporting home-schooling during lockdown were preloaded with malware known as Gamarue. The cyber security catastrophe came to light after teachers of a school in Bradford identified suspicious files on DoE-supplied laptops and reported the same on an online IT forum.
The affected laptops, which were found laced with malware that connected to servers located in Russia, were supplied to schools under the government’s Get Help With Technology (GHWT) scheme which was unveiled in August last year. These laptops also formed part of a batch of 23,000 laptops which were manufactured by the Tactus Group.
The Department for Education (DfE) has now initiated an investigation and is presently trying to determine the number of affected devices, their sources, and whether any such affected device has already been passed on to the pupils.
A spokesperson of the Department for Education has confirmed that less than ten schools have reported the issue so far and that the laptops were pre-installed with anti-virus, which reduced the risk of the laptops getting infected during set up.
“We are aware of an issue with a small number of devices. And we are investigating as an urgent priority to resolve the matter as soon as possible. DfE IT teams are in touch with those who have reported this issue. We believe this is not widespread.
“We take online safety and security extremely seriously and we will continue to monitor for any further reports of malware. Any schools that may have concerns should contact the Department for Education,” a DfE official said.
“There are many local and national schemes which have been implemented to try and provide devices for school children in an attempt to keep as many as possible engaged in some form of education during school closures and lockdown measures.
“Whilst it is unclear where these particular laptops were sourced, it is absolutely vital that anyone seeking to source devices, whether they are bought using sponsorship or donated directly, be fully aware of the risk that they may contain dormant or active malicious software and research appropriate methods to make them safe before they are distributed to homes and families,” said Brian Higgins, security specialist at Comparitech.
Javvad Malik, security awareness advocate at KnowBe4, said the presence of malware in government-supplied laptops is a worrying incident as it shows that either the supply chain has been intentionally compromised, or poor processes have allowed infected files to be installed on the laptops.
“It’s important that organisations have correct procedures and assurance mechanisms in place to prevent any deliberate or intentional infections. This needs to be undertaken with technical and procedural controls that are underpinned by a culture of security so that all parties and steps in the process are adequately secured,” he added.