Font Size: A A A


NCSC on rise in ransomware attacks

Over the past 12 months the UK official National Cyber Security Centre (NCSC) has responded to a rise in ransomware attacks, and a range of services have been provided to businesses over the year to help protect them from ransomware. That’s according to the NCSC’s annual report on its fifth year of working, to August 2021.

Lindy Cameron, CEO of the NCSC, pictured, said: “I’m proud of the way the NCSC has responded to what has been another hugely challenging year for the country as we all continue to navigate our way through the pandemic. The support and expertise we have provided for stakeholders from government all the way through to the general public during the pandemic has been vital to keeping the country safe online.

“Undoubtedly there are challenges ahead, but the upcoming National Cyber Strategy combined with the continued engagement from businesses and the public provides a solid foundation for us to continue reducing the impact of online threats.”

As for the report in figures, the NCSC handled what it described as an unprecedented 777 incidents in the last year – a rise from 723 last year and an average of 643 since launching in 2016. The NCSC’s Suspicious Email Reporting Service (SERS) received nearly six million reports, leading to the removal of more than 53,000 scams. Since launching in April 2020, the SERS has received more than eight million reports, leading to more than 67,000 scams taken down.

Typically the NCSC only takes on the most serious cyber cases reported, whether in terms of size or their effect on critical digital infrastructure. For example, the report sets out that support for academic institutions doing vaccine research was one of the NCSC’s key interventions during the covid pandemic response. As a result of the NCSC’s services, the University of Oxford protected itself from an attempted ransomware attempt.

For the 86-page document free to download, visit the NCSC website. Besides detailing the threats, it also features ten steps to cyber resilience; ‘active’ cyber defence services; and Jeremy Fleming, Director of GCHQ, the Government intelligence-gathering and cyber agency, that NCSC is a part of. See also a recent ‘fireside chat’ with Sir Jeremy; on the GCHQ website.


Jude McCorry, CEO of the Scottish Business Resilience Centre (SBRC) said: “It’s alarming to see the number of cyber incidents increasing but these figures are far from surprising. Most businesses have been focussed on recovery over the last year – understandably – but this has left them vulnerable to the threats of opportunistic cyber criminals. While the report focuses on Covid related incidents, it’s important to note the upward trajectory in cyber crime overall. Now more than ever, individuals and businesses must be on high alert for sophisticated cyber scams. It’s definitely not the time for anyone to let their guard down. The NCSC does an incredible job of monitoring, managing and preventing such incidents – without them it is likely these figures could have been much higher.

“Nonetheless, these figures are a stark reminder to organisations that they must take a proactive approach to their cyber planning. But they don’t have to do this on their own. There is a broad range of support available – from workshops like Exercise in a Box and programmes to upskill board members, to online resources and advice lines to ensure businesses have the practical support they need to ensure they do not become a statistic.”

The notion of ‘digital trust’ has clearly come to the fore in the NCSC’s Annual Review in the wake of the high-profile SolarWinds and Exchange software supply chain attacks, as well as numerous covid-19 attacks on newly-formed ‘digital’ supply chains, said Daniel Lattimer, Director Government & Defence, EMEA at the cyber firm CyberArk. “The UK Government is already considering plans to mitigate this risk by requiring IT service providers to adopt the NCSC’s Cyber Assessment Framework, and it is an issue that has been raised in other countries too. The Biden administration, for example, issued an executive order earlier this year to review cyber vulnerabilities in critical technologies used by US, while a report from ENISA, the European Union Agency for Cybersecurity, suggests the number of supply chain cyberattacks in 2021 will quadruple in comparison to last year. The NCSC is therefore right to raise awareness around supply chain attacks; it is vital for both the public and private sector to put in place initiatives that decrease risk and improve trust across the software ecosystem, as it is now a proven route to affect many organisations using a single vulnerability in software in common use.“

“Protecting against software supply chain attacks means organisations must ensure that the fundamentals – like enabling multi-factor authentication (MFA) and implementing Zero Trust principles – are in place. But an initiative that the government could consider is to mandate greater transparency into what’s actually inside the software organisations are implementing – including visibility into open-source components, similar to looking at the ingredients in a ready meal you buy from the supermarket. A ‘Bill of Materials’ approach applied to the software supply chain would result in greater visibility, transparency and collaboration. All of which present positive steps forward in achieving digital trust, in the context of a COVID-19 vastly extending the digital threat landscape.”

Sadly, ransomware and information stealers are the most common type of malware used against the healthcare sector, said Adam Enterkin, Chief Revenue Officer, Cybersecurity, BlackBerry. He said: “BlackBerry’s latest research uncovered that globally, healthcare organisations are more likely to pay ransoms than other industries due to the critical nature of the targeted data.

“While many healthcare organisations have the technology to defend against these threats, they lack large and highly skilled teams. Automation is key: technology must take on the heavy lifting, to allow healthcare professionals to prioritise both immediate care and ever-present cyber threats.”

“Humans and tech must work hand in hand, so the professionals are equipped with the right knowledge and skillsets to keep our enterprises, and our country, safe, even before the attackers have the chance to strike.”


Related News