NCSC Focus On Ransomware Attacks

Uploaded on 2021-06-16 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

Ransomware strikes have grown  significantly over the first half of 2021 with major attacks in the US and Britain, where the  National Cyber Security Centre (NCSC) has issued a warning about the increase in ransomware attacks targeting schools, colleges and universities.

Now, in a new initiative the NCSC is encouraging all organisations to sign up for its new  Early Warning Service.

Large scale  ransomware attacks like those on Ireland’s Health care services, and the US Colonial pipeline have serious economic consequences, to the extent that the US Government Accountability Office is saying that insurers, including Lloyd’s of London, are reviewing their cyber insurance coverage offered to the healthcare and education sectors, which are considered particularly vulnerable to ransom.

Ransomware is a type of cyber attack in which someone encrypts a victim’s files through malware. The attacker then demands a ransom from the victim to restore access to the data upon payment. This type of crime can affect both businesses and individuals and where malware is deployed to disable IT systems until the ransom is paid. 

The NCSC says it has seen another increase in attacks at a time when exams in education are critical as this can lead to losses of student course work, exam information and medical virus data. "It is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services... Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached.” says the NCSC.  

Some of the most common methods cyber criminals use to gain access to university networks and lay the groundwork for ransomware attacks involves targeting remote desktops with phishing emails. The NCSC also suggests that secure cloud services are introduced to help detect and prevent phishing emails.

It's also recommended that all organisations have plans to enable effective recovery, so it's possible to restore it without giving into the ransom demands of cyber criminals. This can be achieved by using, offline backups as these are the most effective way to recover from a ransomware attack.

NCSC:      NCSC:      EdTechnology:    InvestisDigital:     Professional Security:   ABC:     

Financial Times:     Lloyds:    ITPro:

To help prevent ransomware attacks in the first place Cyber Security Intelligence recommends that organisations have an independent cyber strategy and audit regularly. For advice and recommendations on your organisation's cyber security needs, please contact us directly.

You Might Also Read:

Responding To Ransomware Attacks:

 

 

« Developing A Sustainable Cyber Security Workforce
Protecting Critical Infrastructure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

USNA Center for Cyber Security Studies

USNA Center for Cyber Security Studies

The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

Qufaro

Qufaro

Qufaro is a new initiative designed to make it simpler for those with career ambitions in cyber security to access the UK’s cyber-specific education and innovation opportunities.

SK IT Cyber Security

SK IT Cyber Security

SK IT provide services and solutions for cybersecurity and advanced information system engineering.

Codeproof Technologies

Codeproof Technologies

The Codeproof enterprise mobility solution empowers your business to secure, deploy and manage mobile applications and data on smartphones, tablets, IoT devices and more.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

BullGuard

BullGuard

BullGuard is an award-winning cybersecurity company focused on providing the consumer and small business markets with the confidence to use the internet in absolute safety.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

OwnBackup

OwnBackup

OwnBackup proactively prevents you from losing mission-critical data and metadata with automated backups and rapid, stress-free recovery.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

StrongBox.Academy

StrongBox.Academy

StrongBox.Academy provides cybersecurity training courses that are tailored to the specific needs and challenges of the industry.

63Sats Cybertech

63Sats Cybertech

63SATS is the cybersecurity business unit of 63 Moons Technologies, a world leader in providing next-generation technology ventures, innovations, platforms, and solutions. 

Dotsquares

Dotsquares

Dotsquares leverage the latest web and mobile technologies to build, grow and support your business.

Sherweb

Sherweb

Sherweb are a marketplace of leading cloud solutions and value-added services delivered by a team of passionate experts invested in MSP growth.