NCSC Focus On Ransomware Attacks

Ransomware strikes have grown  significantly over the first half of 2021 with major attacks in the US and Britain, where the  National Cyber Security Centre (NCSC) has issued a warning about the increase in ransomware attacks targeting schools, colleges and universities.

Now, in a new initiative the NCSC is encouraging all organisations to sign up for its new  Early Warning Service.

Large scale  ransomware attacks like those on Ireland’s Health care services, and the US Colonial pipeline have serious economic consequences, to the extent that the US Government Accountability Office is saying that insurers, including Lloyd’s of London, are reviewing their cyber insurance coverage offered to the healthcare and education sectors, which are considered particularly vulnerable to ransom.

Ransomware is a type of cyber attack in which someone encrypts a victim’s files through malware. The attacker then demands a ransom from the victim to restore access to the data upon payment. This type of crime can affect both businesses and individuals and where malware is deployed to disable IT systems until the ransom is paid. 

The NCSC says it has seen another increase in attacks at a time when exams in education are critical as this can lead to losses of student course work, exam information and medical virus data. "It is important that senior leaders understand the nature of the threat and the potential for ransomware to cause considerable damage to their institutions in terms of lost data and access to critical services... Due to the prevalence of these attacks, you should be sure to follow NCSC’s mitigating malware and ransomware guidance. This will help you put in place a strategy to defend against ransomware attacks, as well as planning and rehearsing ransomware scenarios, in the event that your defences are breached.” says the NCSC.  

Some of the most common methods cyber criminals use to gain access to university networks and lay the groundwork for ransomware attacks involves targeting remote desktops with phishing emails. The NCSC also suggests that secure cloud services are introduced to help detect and prevent phishing emails.

It's also recommended that all organisations have plans to enable effective recovery, so it's possible to restore it without giving into the ransom demands of cyber criminals. This can be achieved by using, offline backups as these are the most effective way to recover from a ransomware attack.

NCSC:      NCSC:      EdTechnology:    InvestisDigital:     Professional Security:   ABC:     

Financial Times:     Lloyds:    ITPro:

To help prevent ransomware attacks in the first place Cyber Security Intelligence recommends that organisations have an independent cyber strategy and audit regularly. For advice and recommendations on your organisation's cyber security needs, please contact us directly.

You Might Also Read:

Responding To Ransomware Attacks:

 

 

« Developing A Sustainable Cyber Security Workforce
Protecting Critical Infrastructure »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / Zero Trust Network Access Guide

Perimeter 81 / Zero Trust Network Access Guide

Curious how you can Implement a Zero Trust roadmap with insights from Gartner? Download this free report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

Bastille

Bastille

Bastille’s patented software and security sensors bring visibility to devices emitting radio signals (Wi-Fi, cellular, IoT) in your organization.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Precise Biometrics

Precise Biometrics

Precise Biometrics develop and sell fingerprint software for convenient and secure authentication of people’s identity in mobile devices, smart cards and other products with fingerprint sensors.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

Sevonix

Sevonix

Sevonix is a professional services organization specializing in offering best in class technology implementation and information security consulting services.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

CleanCloud

CleanCloud

CleanCloud is a public cloud infrastructure management platform.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

ClearVector

ClearVector

ClearVector is a leading provider of realtime, identity-driven security for the cloud.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.