Monday 20th November
Ransomware tops the list of cyber risks
Ransomware and extortion attack operations are amongst the most prominent risks facing UK businesses, according to the National Cyber Security Centre (NCSC) – a part of GCHQ – in partnership with the National Crime Agency (NCA). The report Ransomware, extortion, and the cybercrime ecosystem outlines the tactics used by cybercriminals or organised criminal groups (OCGs).
Ransomware: An opportunistic cyber crime
The report emphasises that ransomware remains one of the most acute cyber threats facing the UK and that all UK organisations should take action to protect themselves from this pervasive threat. The NCSC report describes ‘ransomware as a service’ model, allowing less skilled criminals to launch attacks using pre-developed ransomware tools. It says OCGs operate like legitimate businesses and conduct cybercriminal activity or facilitate others to do so.
The report also states that cyber criminals attack businesses on an opportunistic rather than targeted basis. The NCSC has observed that OGCs are completely financially motivated, exploiting weaknesses in an organisation’s systems, so an up-to-date cyber resilience strategy can help prevent these risks.
NCSC CEO Lindy Cameron said:
“While the NCSC is resolute in tackling this threat with our partners, all organisations must take action to protect themselves. I urge network defenders to read this report and to implement our ransomware guidance to boost their cyber resilience.“
How will cyber insurance protect my business?
Kerry London’s cyber experts can arrange cyber insurance for those seeking a more robust level of cyber protection. Cyber insurance helps with the cost of a cyber-attack and is continuously updated and relevant to current cyber risks.
NCA Director General of Threats, James Babbage, said:
“The proliferation of capable cybercrime tools and services, and subsequent lowering of the barrier of entry, means that ransomware, especially ransomware-as-a-service, will continue to be a significant threat to UK individuals, businesses and organisations.
However, as this report makes clear, a whole of system response is required to be effective; prevention, protection, and collaboration with international and private sector partners are key.“
Other government support
The NCSC offers comprehensive guidance to help businesses reduce the risk of experiencing a ransomware attack. They also recommend businesses sign-up for their free Early Warning service, which notifies organisations of suspicious activity or ransomware risks that could affect their networks.
The report highlights that most incidents are not due to sophisticated attack techniques. Cyber criminals take advantage of poor cyber hygiene, which further reinforces the importance of businesses having solid defences in place.
Share this story
We’re here to help
Get in touch with the team for expert advice
Kerry London is authorised and regulated by the Financial Conduct Authority. The company is a leading UK independent and Lloyd’s accredited broker, which means that we work with a wide range of niche and major insurers.
This note is not intended to give legal or financial advice, and, accordingly, it should not be relied upon for such or regarded as a comprehensive statement of the law and/or market practice in this area. In preparing this note, we have relied on information sourced from third parties, and we make no claims as to the completeness or accuracy of the information contained herein. You should not act upon information in this bulletin nor determine not to act without first seeking specific legal and/or specialist advice. We and our officers, employees or agents shall not be responsible for any loss whatsoever arising from the recipient’s reliance upon any information we provide herein and exclude liability for the content to the fullest extent permitted by law.
Categories: Cyber,