Study: Too Few Ransomware Victims Report Attacks

Study: Too few ransomware victims report attacks

According to the British cybersecurity authority, the exact consequences of ransomware attacks have not yet been assessed. In the past twelve months, the authority reports 18 ransomware attacks of national significance.

The UK’s National Cyber Security Centre (NCSC) has published its annual report. It looks at key cybersecurity developments and cybercrime incidents over the past twelve months. Among other things, it describes ransomware as “pervasive” and a “major challenge” for businesses and government agencies.

The agency reports 18 ransomware incidents that triggered a “nationally coordinated” response for the period from Sept. 1, 2021, to Aug. 31, 2022, among others. These include the NCSC’s attack on the National Health Service (NHS) and utility South Staffordshire Water.

However, the exact impact of cyber extortion cannot be fully assessed, according to the NCSC. The agency cites the fact that many organizations do not disclose ransomware attacks as a reason for this. “The actual number of annual ransomware attacks in the U.K. is far higher, as organizations often do not report the attacks,” the NCSC report states.

Phishing also threatens businesses and government agencie

“Ransomware remains one of the most acute threats to businesses and organizations in the U.K.,” said Lindy Cameron, chief executive of the NCSC. “These attacks have real consequences and are a reminder to all organizations of the importance of taking the mitigation measures outlined in our guidance. As I’ve said before, it’s critical that organizations treat cybersecurity as a real risk that must be managed at the board level.”

According to the annual report, cybercriminals have now established a business model of not only encrypting victims’ data, but also copying it to their own servers. “Perpetrators know that many companies will give in to ransomware demands to prevent their data from falling into the wrong hands,” the NCSC added.

Generally, however, paying a ransom is discouraged. On the one hand, it encourages the perpetrators to launch further attacks; on the other hand, there is no guarantee for victims that the criminals will keep their promises and decrypt data or delete copied data. According to NCSC, it is now common to release the copied data despite paying a ransom or even making additional demands.

Another threat the agency warns about is phishing attacks. “We have found that low-complexity cybercrime continues to be a scourge for the British public and businesses. The figure of 2.7 million cyber frauds last year is a clear indication of this,” Cameron said.