As security experts warn western nations that there are growing concerns Russia will launch a series of cyber-attacks in retaliation against support for Ukraine, new figures report a 100% increase in ransomware attacks in the UK.
The number of ransomware attacks reported to the Information Commissioner’s Office increased 100% from 326 in 2020 to 654 in 2021, according to analysis of data conducted by law firm RPC, which were released today.
RPC said the rise is likely driven by the increasing profitability of ransomware attacks, which can severely hinder, if not bring a business’ operations to a standstill. As a result, a number of corporates have been forced to pay a ransom in order to have their data decrypted.
“Some larger gangs have also profited from licensing their ransomware to other criminals, enabling even those with limited technological know-how to perpetrate attacks,” the firm added. “Some criminals will scour the internet for vulnerabilities, then sell the access to other gangs who may execute the attack and exfiltrate data.”
The industry sectors that were most frequently impacted by attacks in 2021 include: Finance, insurance and credit (103 attacks), and Education and Childcare (80 attacks).
RPC added that sectors that are privy to sensitive financial data are often at the highest risk of being targeted by gangs.
Richard Breavington, partner and head of RPC’s Cyber and Tech Insurance team explained: “Ransomware attacks have been on the rise and it’s a problem that isn’t going away any time soon.
“It is becoming increasingly rare for cyber to be covered by other types of insurance policies. As a result, businesses that are not taking dedicated cyber policies run the risk of becoming underinsured.
“However, there are options for businesses that want to avoid being caught in an insurance gap. One is investing in the latest IT security software. Not only will this reduce the chances of succumbing to an attack, but it will also signal to insurers that they take matters of cyber security seriously and hopefully make it easier for them to get coverage.
“Corporates should also ensure that their systems are backed up regularly in segregated back-ups, which could help minimise business interruption in the event of an attack.”
The threat of Russian cyber-attack is growing and real according to western nations.
Last week US president Joe Biden warned: “”Based on evolving intelligence, Russia might be planning a cyber-attack against us.
“The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming.”
Biden added: “One of the tools (Russia’s) most likely to use, in my view – in our view – is cyber-attacks. They have a very sophisticated cyber capability”.
His comments came as the National Cyber Security Centre (NCSC) said Russia’s Federal Security Service (FSB) is carrying out “calculated and dangerous” targeting of critical IT systems and infrastructure around the world.
It added the UK energy sector and US aviation had been targeted by “sophisticated” hacking.
The group has also been linked to compromising software used by European manufacturers and wind turbine developers, gaining access through hacking to European and North American energy sectors, and stealing user information and getting into US energy and nuclear facilities as well as the water, aviation and critical manufacturing sectors.
“In heightened periods of international tension all organisations should be vigilant to cyber risks, and for several months the NCSC has been advising organisations to bolster their cyber security,” it added.