NCSC Focus On Ransomware Attacks

Uploaded on 2021-06-16 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

Ransomware strikes have grown  significantly over the first half of 2021 with major attacks in the US and Britain, where the  National Cyber Security Centre (NCSC) has issued a warning about the increase in ransomware attacks targeting schools, colleges and universities.

Now, in a new initiative the NCSC is encouraging all organisations to sign up for its new  Early Warning Service.

Large scale  ransomware attacks like those on Ireland’s Health care services, and the US Colonial pipeline have serious economic consequences, to the extent that the US Government Accountability Office is saying that insurers, including Lloyd’s of London, are reviewing their cyber insurance coverage offered to the healthcare and education sectors, which are considered particularly vulnerable to ransom.

Ransomware is a type of cyber attack in which someone encrypts a victim’s files through malware. The attacker then demands a ransom from the victim to restore access to the data upon payment. This type of crime can affect both businesses and individuals and where malware is deployed to disable IT systems until the ransom is paid. 

The NCSC says it has seen another increase in attacks at a time when exams in education are critical as this can lead to losses of student course work, exam information and medical virus data. "It is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services... Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached.” says the NCSC.  

Some of the most common methods cyber criminals use to gain access to university networks and lay the groundwork for ransomware attacks involves targeting remote desktops with phishing emails. The NCSC also suggests that secure cloud services are introduced to help detect and prevent phishing emails.

It's also recommended that all organisations have plans to enable effective recovery, so it's possible to restore it without giving into the ransom demands of cyber criminals. This can be achieved by using, offline backups as these are the most effective way to recover from a ransomware attack.

NCSC:      NCSC:      EdTechnology:    InvestisDigital:     Professional Security:   ABC:     

Financial Times:     Lloyds:    ITPro:

To help prevent ransomware attacks in the first place Cyber Security Intelligence recommends that organisations have an independent cyber strategy and audit regularly. For advice and recommendations on your organisation's cyber security needs, please contact us directly.

You Might Also Read:

Responding To Ransomware Attacks:

 

 

« Developing A Sustainable Cyber Security Workforce
Protecting Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO was founded in 2015 with the aim of counteracting the threats posed by globally organized cybercrime and state-controlled industrial espionage.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

CyVolve

CyVolve

Cyvolve is the next great leap forward in data security, ensuring constant encryption and pervasive control over all your data.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

3wSecurity

3wSecurity

3wSecurity provides visibility to your company’s internet facing systems throughout the security life cycle, allowing for a more thorough approach to vulnerability management.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

KryptoKloud

KryptoKloud

KryptoKloud offer a suite of Managed Services including Security Monitoring and Incident Response as well as a full portfolio of Compliance, Governance and Audit solutions.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

Infiot

Infiot

Infiot is a pioneer in enabling secure, reliable access with zero trust security, network optimization, edge-intelligence and AI driven operations for all remote users, devices, sites and cloud.

IGI Cybersecurity

IGI Cybersecurity

IGI Cybersecurity delivers people-driven cybersecurity for personalized, resilient cyber defense focused on individualized strategy and unshakeable partnership.

DATS Project

DATS Project

DATS Project enables the utilization of high computing power across a number of cybersecurity services, all on a pay-as-you-go basis, eliminating the need for upfront investment costs.