On September 11, the UK’s National Cyber Security Centre (NCSC) and National Crime Agency (NCA) unveiled an updated report detailing the upsurge in ransomware and extortion attacks.
The whitepaper primarily attributes this recent surge to poor cyber hygiene, underscoring that most ransomware attacks are more straightforward than sophisticated.
Crypto: Central to Ransomware Attacks
According to the report, ransomware attacks spiked by over 150% in 2021, with global losses exceeding $20 billion.
Ransomware involves malware restricting access to computer systems or data, demanding ransom for its release. Usually, perpetrators demand payment in crypto, such as Bitcoin, offering decryption keys in return. In certain situations, the attackers also menace releasing sensitive stolen data.
Such attacks have paralyzed businesses, hospitals, schools, and vital infrastructures. Moreover, given the pseudonymity and the challenges of tracing crypto, these assets have become indispensable to ransomware attacks.
Read more: 15 Most Common Crypto Scams To Look Out For
In May 2017, the UK’s National Health Service (NHS) faced a significant ransomware threat known as “WannaCry.” This attack disrupted the NHS computer systems, hampering patient care and regular hospital functions.
Despite halting the attack within 24 hours, the aftermath for NHS, Europe’s largest employer, was a bill of $115 million and 19,000 canceled appointments.
The whitepaper underscores the efficacy of NCSC’s guidance in thwarting most attacks. It identifies issues such as outdated devices, fragile passwords, and a lack of multi-factor authentication as primary attack facilitators.
Ransomware Attacks: A Game of Opportunity
Although high-profile attacks garner significant media attention, the report emphasizes that the prevalence of ransomware is primarily due to opportunism rather than deliberate targeting. Typically, attackers exploit the easiest available vulnerabilities.
The Rt Hon Tom Tugendhat, Minister for Security, penned a foreword for the report, showcasing the UK government’s accomplishments in the fight against cybercrime and ransomware.
Recent efforts include sanctions against multiple Russian ransomware criminals, collaboration with international agencies like the FBI to dismantle significant ransomware networks, and partnering with various countries to counter cyber theft platforms.
Read more: Top 10 Must-Have Cryptocurrency Security Tips
While the Minister pledged ongoing measures to shield cyberinfrastructure, he stressed the onus on organizations to prioritize security. Tugendhat hopes the new report will be a pivotal resource for comprehending and thwarting ransomware threats.
Guidelines for Enhanced Security
The report delineates several measures for organizations to bolster security:
- Adopt a vulnerability management program for prompt patch deployment.
- Strengthen password policies and promote multi-factor authentication.
- Advocate for password managers, device updates, and caution against dubious links.
The NCSC’s ransomware recommendations advocate for a proactive, multi-layered defense strategy. These include regular offline data backups, quick patching, suspicious email filtering, system hardening, strong credential requirements, ready response plans, and rapid action in the event of an attack.
The post UK Blames Cyber Hygiene for Spike in Ransomware Attacks appeared first on BeInCrypto.