A small number of laptops handed out by the Department for Education to vulnerable children, reportedly contain malware linked to Russian servers
The Department for Education is urgently investigating after it was reported that some laptops handed out to vulnerable children contain malware.
The BBC found that some of these laptops, designed to help vulnerable children home school during the Coronavirus lockdown, have been found at a handful of schools.
The discovery came after teachers shared details on an online forum about suspicious files found on devices sent to a Bradford school.
The malware, they said appeared to be contacting Russian servers.
The Department for Education (DfE) was quoted by the BBC as saying it was aware and urgently investigating.
“We are aware of an issue with a small number of devices,” a DfE official reportedly said. “And we are investigating as an urgent priority to resolve the matter as soon as possible.”
“DfE IT teams are in touch with those who have reported this issue,” the official added. “”We believe this is not widespread.”
According to the forum, the Windows laptops contained Gamarue.I, a worm identified by Microsoft in 2012.
In 2017 security firm ESET was approached by Microsoft, to help in the takedown of the C&C servers of a botnet family.
That action saw police forces around the world team up to disrupt many of the long-running botnets powered by the Gamarue malware family.
The BBC reported that so far the government has sent schools more than 800,000 laptops, as it seeks to distribute more than a million devices to disadvantaged pupils who may not have computer access at home.
“Upon unboxing and preparing them, it was discovered that a number of the laptops were infected with a self-propagating network worm,” wrote Marium Haque, deputy director of Education and Learning at Bradford Council.
She recommended that schools also check their networks “as an added precaution.”
One security professional pointed out that this case showed the need to carry out rigorous virus scans, espicially of second hand laptops.
“It is particularly worrying that some laptops being prepared to hand out to students contain a virus, as one would have thought a proper scan would have highlighted this concern at an earlier stage,” said Jake Moore, cybersecurity specialist at ESET.
“However, it is not uncommon to have remnants of computer viruses on second hand machines – which therefore further emphasizes the importance of a thorough scan for malicious software before the initial use,” said Moore.
“Any good anti malware product would have detected this worm, highlighting how vital it is to have good internet security on all laptops,” Moore added. “Gamarue.1 is an old virus from quite a few years ago, but it still has the potential to be dangerous by disabling some functions or hijacking certain permissions to harvest personal information on the device, including passwords. If left untouched, it could also copy itself onto USBs or other connected devices.”