NCSC Focus On Ransomware Attacks

Uploaded on 2021-06-16 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

Ransomware strikes have grown  significantly over the first half of 2021 with major attacks in the US and Britain, where the  National Cyber Security Centre (NCSC) has issued a warning about the increase in ransomware attacks targeting schools, colleges and universities.

Now, in a new initiative the NCSC is encouraging all organisations to sign up for its new  Early Warning Service.

Large scale  ransomware attacks like those on Ireland’s Health care services, and the US Colonial pipeline have serious economic consequences, to the extent that the US Government Accountability Office is saying that insurers, including Lloyd’s of London, are reviewing their cyber insurance coverage offered to the healthcare and education sectors, which are considered particularly vulnerable to ransom.

Ransomware is a type of cyber attack in which someone encrypts a victim’s files through malware. The attacker then demands a ransom from the victim to restore access to the data upon payment. This type of crime can affect both businesses and individuals and where malware is deployed to disable IT systems until the ransom is paid. 

The NCSC says it has seen another increase in attacks at a time when exams in education are critical as this can lead to losses of student course work, exam information and medical virus data. "It is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services... Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached.” says the NCSC.  

Some of the most common methods cyber criminals use to gain access to university networks and lay the groundwork for ransomware attacks involves targeting remote desktops with phishing emails. The NCSC also suggests that secure cloud services are introduced to help detect and prevent phishing emails.

It's also recommended that all organisations have plans to enable effective recovery, so it's possible to restore it without giving into the ransom demands of cyber criminals. This can be achieved by using, offline backups as these are the most effective way to recover from a ransomware attack.

NCSC:      NCSC:      EdTechnology:    InvestisDigital:     Professional Security:   ABC:     

Financial Times:     Lloyds:    ITPro:

To help prevent ransomware attacks in the first place Cyber Security Intelligence recommends that organisations have an independent cyber strategy and audit regularly. For advice and recommendations on your organisation's cyber security needs, please contact us directly.

You Might Also Read:

Responding To Ransomware Attacks:

 

 

« Developing A Sustainable Cyber Security Workforce
Protecting Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

Zeguro

Zeguro

Zeguro provides complete cybersecurity risk assessment, mitigation and insurance, allowing you to easily manage your cyber risk.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

PNGCERT

PNGCERT

PNGCERT is the national Computer Emergency Response Team (CERT) for Papua New Guinea.

xorlab

xorlab

xorlab is a Swiss cybersecurity company providing specialized, machine-intelligent defense against highly engineered, sophisticated and targeted email attacks.

Arcanna.ai

Arcanna.ai

Using a wide range of out-of-the box integrations, Arcanna.ai continuously learns from existing enterprise cybersecurity experts and scales your team’s capacity to deal with threats.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

Stack Identity

Stack Identity

Stack Identity protects access to cloud data by prioritizing identity and access vulnerabilities via a live data attack map.

Threat Con

Threat Con

Threat Con is a one of its kind event in Nepal, a series of annual international security conventions similar to the famous Black Hat and DEF CON conferences.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

SeQure

SeQure

SeQure is a cutting-edge startup specializing in the development of advanced security infrastructure for artificial intelligence and blockchain.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

Queen Consulting & Technologies

Queen Consulting & Technologies

Queen Consulting & Technologies specialize in providing IT support, management, and Security to Gov’t Contractors, CPAs, and Nonprofits.