NCSC Focus On Ransomware Attacks

Ransomware strikes have grown  significantly over the first half of 2021 with major attacks in the US and Britain, where the  National Cyber Security Centre (NCSC) has issued a warning about the increase in ransomware attacks targeting schools, colleges and universities.

Now, in a new initiative the NCSC is encouraging all organisations to sign up for its new  Early Warning Service.

Large scale  ransomware attacks like those on Ireland’s Health care services, and the US Colonial pipeline have serious economic consequences, to the extent that the US Government Accountability Office is saying that insurers, including Lloyd’s of London, are reviewing their cyber insurance coverage offered to the healthcare and education sectors, which are considered particularly vulnerable to ransom.

Ransomware is a type of cyber attack in which someone encrypts a victim’s files through malware. The attacker then demands a ransom from the victim to restore access to the data upon payment. This type of crime can affect both businesses and individuals and where malware is deployed to disable IT systems until the ransom is paid. 

The NCSC says it has seen another increase in attacks at a time when exams in education are critical as this can lead to losses of student course work, exam information and medical virus data. "It is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services... Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached.” says the NCSC.  

Some of the most common methods cyber criminals use to gain access to university networks and lay the groundwork for ransomware attacks involves targeting remote desktops with phishing emails. The NCSC also suggests that secure cloud services are introduced to help detect and prevent phishing emails.

It's also recommended that all organisations have plans to enable effective recovery, so it's possible to restore it without giving into the ransom demands of cyber criminals. This can be achieved by using, offline backups as these are the most effective way to recover from a ransomware attack.

NCSC:      NCSC:      EdTechnology:    InvestisDigital:     Professional Security:   ABC:     

Financial Times:     Lloyds:    ITPro:

To help prevent ransomware attacks in the first place Cyber Security Intelligence recommends that organisations have an independent cyber strategy and audit regularly. For advice and recommendations on your organisation's cyber security needs, please contact us directly.

You Might Also Read:

Responding To Ransomware Attacks:

 

 

« Developing A Sustainable Cyber Security Workforce
Protecting Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Gigasoft

Gigasoft

Gigasoft provide secure online data backup & cloud backup services for the education sector and businesses.

National Security Agency (NSA)

National Security Agency (NSA)

NSA is a US intel agency responsible for the protection of government communications and information systems against penetration and network warfare.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

National Cybersecurity Institute (NCI) - Excelsior College

National Cybersecurity Institute (NCI) - Excelsior College

NCI is Excelsior College’s research center dedicated to assisting government, industry, military and academic sectors meet the challenges in cybersecurity policy, technology and education.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

Canopius Group

Canopius Group

Canopius is a global specialty lines insurance and reinsurance company and one of the top 10 insurers in the Lloyd’s insurance market.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

PacketViper

PacketViper

PacketViper’s Deception360 actively defends networks with deception-based threat detection and automated response to both external and internal cyber threats.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Telesystem

Telesystem

Telesystem empowers businesses across the USA with a range of innovative network, communication and collaboration solutions.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Domotz

Domotz

Domotz enables IT teams to monitor and manage their networks remotely, while ensuring that the security and the operational efficiency of their organizations are properly maintained.

Cakewalk

Cakewalk

Cakewalk is the new standard in easy Access Control. Trusted by IT & Security teams. Loved by employees.