Ransomware attacks on businesses growing

UK, US and Australian cyber security authorities are warning of a growing wave of increasingly sophisticated ransomware attacks which could have significant consequences for businesses and organisations across the world.

In their joint advisory, they reveal that the tactics of ransomware groups evolved last year. Trends observed in 2021 include:

  • targeting organisations on public holidays and weekends
  • attacking industrial processes and the software supply chain
  • targeting cloud services
  • disrupting work and shutting down services
  • holding organisations to ransom until demands have been paid
  • increased use of cybercriminal ‘services-for-hire’
  • sharing of victim information between different groups of cyber criminals
  • diversifying approaches to extorting money

Businesses and organisations are encouraged to familiarise themselves with the risks and ensure their IT teams are taking the correct actions to bolster resilience.

The advisory suggests ways to mitigate risk of compromise by ransomware by implementing a requirement for multi-factor authentication, Zero Trust architecture, and a user training programme with phishing exercises.

The advisory follows the National Cyber Security Centre’s (NCSC) recently launched Ransomware Hub, which is a one-stop shop for advice on how ransomware works, on whether a ransom should be paid, and how to prevent a successful attack.

UK organisations which fall victim to a cyber-attack should report the incident to the NCSC’s 24/7 Incident Management team.

Cybersecurity is not only for larger businesses and public organisations. SMEs are in fact some of the most vulnerable targets for cybercrime, and therefore this topic should be at the forefront of all business leaders’ minds.

Read a copy of our briefing note entitled ‘Is your business protected against cyber threats?’ for some points to help SMEs safeguard against cybercrime and be prepared.

For more information, please contact Gareth Dalton or your usual Beavis Morgan Partner who will be able to assist by putting you in touch with the right provider from within our extensive network of contacts.

IT security is a collective responsibility and it is essential that SMEs take the necessary steps to protect against cyber attacks.

Read more: Joint advisory highlights increased globalised threat of… – NCSC.GOV.UK