The NCSC, in a joint effort with US and Australian advisories, have warned organisations about ransomware and the sophistication of these attack perpetrated by criminal ransomware gangs. The latest alert was announced on Wednesday 9th February 2022 after 2021 saw an increase in the amount of ‘sophisticated, high-impact ransomware incidents’.
Already this year, UK organisations have been told to bolster their cyber security resilience by the NCSC due to cyber incidents involving Ukraine and Russia. Only a week after it was reported that multiple European oil transport and storage companies had been hit by cyber-attacks. SEA-Invest in Belgium, Oiltanking in Germany and Evos in the Netherlands were hit, which meant dozens of oil storage terminals and transportation around the world had been affected. Closer to home, a ransomware attack had left KP Snacks uncertain when they will be able to continue operations and distributions of their products.
Trends acknowledged in the joint alert:
- Gaining access to networks via phishing, stolen Remote Desktop Protocols (RDP) credentials or brute force, and exploiting vulnerabilities.
- Using cybercriminal services-for-hire.
- Sharing victim information.
- Shifting away from “big-game” hunting in the United States.
- Diversifying approaches to extorting money.
Approaches ransomware gangs are taking to increase the impact of attacks:
- Targeting the cloud.
- Targeting managed service providers.
- Attacking industrial processes.
- Targeting organizations on holidays and weekends.
- Attacking the software supply chain.
To read in more detail or to find out the mitigation actions proposed, please click here to read the ransomware alert.
Due to the extreme threat of ransomware, the NCSC have developed a Ransomware Hub to host all their information regarding the topic and offering organisations access to their ‘Guide to Ransomware’. Please click here if you would like to print the image above for your workplace.
By working with Data Connect, we can help you devise an effective response plan to ransomware, with ongoing support from our SOC team and access to our vSOC Connect Console. All our managed services are integrated into an all-in-one platform, giving your organisation peace of mind and 360° visibility into its current cyber security health. Our portfolio of services and powerful console have been designed with the current threat landscape in mind, meaning we can provide you with ongoing business assurance that you are protected from any new cyber security trends.
If you are interested in finding out more about our platform or have any concerns about ransomware, please give us a call on 01423 425 498, click here to fill out a form or use our live chat.