Hackers are increasingly offering their services or exploits “for hire”, according to a joint review of cyber-extortion trends in the UK, the US and Australia.
The National Cyber Security Centre (NCSC) said there were further increases in “sophisticated, high-impact ransomware incidents” coming from Russia and other former Soviet states during 2021, and that universities and schools were among the top sectors targeted in the UK last year, along with businesses, charities, law firms, councils and the NHS.
Lindy Cameron, the chief executive of NCSC, said ransomware, where cybercriminals seize control of IT systems and demand payment to hand them back, is now a major issue and called on organisations to review their defences.
“Ransomware is a rising global threat with potentially devastating consequences, but there are steps organisations can take to protect themselves,” said Cameron.
“To help ensure organisations are aware of the threat and how to defend themselves, we have joined our international partners to set out the very latest threat picture alongside key advice.”
“I strongly encourage UK CEOs and boards to familiarise themselves with this alert and to ensure their IT teams are taking the correct actions to bolster resilience.”
Hackers typically come from Russia or are Russian speakers, with the west accusing Moscow of turning a blind eye to cyber-attacks, according to the report.
And ransomware attacks remain very much in the spotlight.
KP Snacks, the maker of dry roasted peanuts, Hula Hoops and McCoy’s crisps, warned last month that it was struggling to supply stores after a ransomware attack. It said supply disruption would last until “the end of March at the earliest”.
Meanwhile in November, an attack on a supplier to the UK Labour Party led to the organisation losing access to some of its membership data.
Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), said: “We live at a time when every government, every business, every person must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim.”
“Reducing risk to ransomware is core to CISA’s mission as the nation’s cyber defence agency, and while we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience.”
“With our NCSC-UK, ACSC, FBI and NSA partners, we urge organisations to review this advisory, visit stopransomware.gov to take action to strengthen their cyber security posture, and report unusual network activity or cyber incidents to government authorities.”