In December 2023 the Joint Committee on the National Security Strategy published a cross party report of ransomware entitled - A hostage to fortune: ransomware and UK national security. It provided a worrying assessment on the UK’s readiness in dealing with this global problem and provided a number of recommendations and comments on the current state of play.
A major ransomware attack could have a devastating impact on UK citizens and the economy, and undoubtedly represents a major threat to UK national security. A sophisticated ransomware ecosystem has evolved, with criminals able to purchase advanced forms of malware and access points in order to conduct profitable and damaging attacks. This has made it much more widely available to those who wish to inflict harm for profit, and increased the scale of the threat
The report goes onto say
Past attacks demonstrate that ransomware can cause severe disruption to the delivery of core Government services, including healthcare and child protection, as well as causing ongoing economic losses. Mass data loss from an attack can be irreversible, even when the ransom is paid. Given the damage wrought by these uncoordinated ransomware attacks, a coordinated and targeted attack has the potential to take down large parts of the UK’s critical national infrastructure and public services and—in the words of the National Crime Agency—to bring the country to a standstill. It would also shine a spotlight on the inadequacy of the Government’s efforts to secure the UK against ransomware, and to prepare for the aftermath of a major cyber-attack
With this in mind, it is imperative that all organisations in both the public and private sector take action now to prevent themselves from becoming a victim of this growing and insidious crime.
What is Ransomware
Ransomware is a type of malware specifically designed to extort a victim financially.
Ransomware works by either deleting, stealing or encrypting a victim’s files then demanding a ransom for their return. Failure to comply often leads to the permanent destruction of files or the corruption of their hardware. This ransomware group may even threaten to release the data if the ransom is not paid.
The malware can cause the loss of data including staff and student records, teaching materials and course work etc. An alarming 92% of organisations that paid a ransom did not get all of their data back. On average, organisations that paid a ransom recovered only 65% of their data that had been stolen and encrypted by hackers.
The data that has been stolen may include sensitive data including appraisal and disciplinary files, staff and student records. The loss of sensitive data has massive implications including reputational damage to school, upset/harm to staff/students and possible GDPR breach. It is noteworthy that once the data is stolen then even if it is returned there is no guarantee that the criminals will not publish it at a future date.
What should I do next?
Join our community at the Eastern Cyber Resilience Centre; it’s totally free. We can talk to you about your firm’s cyber resilience and can offer guidance to free tools that you can implement straight away.
Check your current security standard using the free Cyber Essentials Readiness Tool. The Readiness Tool is an interactive set of questions that addresses different parts of your organisation’s security. A step-by-step action plan is tailored to your requirements based on your answers to the questions.
Tell us when you are ready and we can refer you to one of our Cyber Essentials Partners, who are cyber essentials accreditors in the East of England. They can accredit your work or provide technical help if required.
Further Guidance and Support
The ECRC is a police-led, not for profit organisation which companies can join for free.
When you join our community, you get:
• Threat alerts both regionally and nationally
• Signposting to free tools and resources from both Policing and the NCSC
• Little steps programme – a free course of bite-sized practical information to build cyber resilience
• Support from the ECRC team
• Free giveaways if you refer in your supply chain to join the centre
We also work with local university students, who are trained and mentored by senior ethical hackers, to deliver affordable services designed especially for small and medium businesses. So, when you're ready for an insight into if you have common vulnerabilities, are sharing a little too much online or want to review your policies and practices think of us.
Reporting a live cyber-attack 24/7
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.
Reporting a cyber-attack which isn't ongoing
Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.
Report a phishing attack
If you suspect a phishing attack, please report it to the Suspicious Email Reporting Services (SERS) set up by the NCSC at: report@phising.gov.uk
Text messages can be forwarded to 7726