The head of the National Cyber Security Centre (NCSC) says that ransomware has become the biggest threat to the UK’s people and businesses.
In her speech in June at the Royal United Services Institute (RUSI) Annual Security Lecture, Lindy Cameron (NCSC CEO) advised organisations to take the ransomware threat seriously:
“For most UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cyber criminals, and in particular the threat of ransomware.”
Earlier in June, Joe Biden and his teams announced that they were “looking closely” at Russian ransomware attacks, including one on a US meat producer.
The US National Security Adviser, Jake Sullivan, stated that the administration would raise ransomware, which he referred to as a “national security priority”, at each of President Biden’s stops during his first foreign trip as US President, and that he hoped to find shared commitments from allies on ways to reduce cyber threats.
Back in April, the head of GCHQ noted that “the pace of change – in both threats and our response – has accelerated during the pandemic”, and cyber-criminals have been able to “exploit the accelerations in connectivity and poor cybersecurity” over the last year.
Jeremy Fleming, Director of Government Communications Headquarters (GCHQ), the intelligence and security hub for the UK and parent of the NCSC, observed that cyber security now underpins more of our lives than ever before, “where data has become the Crown jewels that we must protect.”
Speaking at the Vincent Briscoe Lecture for the Institute for Security, Science and Technology, Fleming warned that ransomware is a “serious threat, both in terms of scale and severity. Increasingly, it targets crucial providers of public services, as well as businesses, as criminals play on our dependence on tech.”
Security vendor Sophos found in their State of Ransomware 2021 report that over a third of respondents had been hit by ransomware in the previous year, and that over a third did not get their data restored after paying a ransom.
New ways of working
It perhaps isn’t a huge surprise that ransomware is increasing amidst the change in working practices around the globe.
Big four UK accounting firm KPMG found, in a COVID-19 focussed study, that the risk of ransomware generally had increased as a result of things like remote working and the ability of cyber criminals to use health-related matters as bait to engage victims.
There’s also the potential issue that, when connected at home, users and devices don’t necessarily have the same protections that they do in the office. Things like network defences (firewalls etc.) and user account settings (e.g. restrictions on access levels) can be stronger in businesses than they are at home, meaning attackers may be able to find easier ways in.
Ransomware attack vectors
The ‘attack vector’ is the method an attacker uses to perform a malicious action. Three of the most common ransomware attack vectors are:
- Remote access
- System vulnerabilities
Find out more about how ransomware spreads in our Think IT Insights ransomware article.
Ways to protect against ransomware
Here are some practical steps you can take to protect yourself against ransomware:
- Make regular offline backups
- Use good anti-malware solutions
- Keep systems up to date
- Use ‘least privilege’
- Increase user awareness
These steps are set out in more detail in our ‘Ransomware Explained’ Think IT Insights article. If you need help with any of this, as always just drop us a line or give us a call and we’ll assist with whatever you need.
What to do if you’ve become infected with ransomware
We’ve set out some important steps to take in our Think IT Insights ransomware article if a ransomware infection has occurred.
Ransomware is a type of malware that prevents access to a computer system or to data, and requests that the victim pays a sum (the ‘ransom’) to regain access. Read more about ransomware in our Think IT Insights ransomware article.
The NCSC is the UK Government organisation responsible for advising and supporting the public and private sectors in improving cyber security, and is part of Government Communications Headquarters (GCHQ). Find out more in our Think IT Insights NCSC article.