A new report from the UK’s National Cyber Security Center highlights the current state of threats in the UK, with particular focus on ransomware attacks and their impact.
As we approach the end of 2022, the NCSC has released its Annual Review 2022 which covers cyberattack developments and highlights between September 2021 and August 2022. In it, a summary of the various types of threats, risks, vulnerabilities, and attacks provide the context for the NCSC to offer guidance on how organizations can better prepare themselves against the evolving threat.
Ransomware was of particular concern, called the “most significant cyber security threats facing businesses and organisations in the UK” by the NCSC. And, despite the NCSC coordinating a national response to 18 separate ransomware attacks affecting most of the UK, they raise the concern that “the true numbers of ransomware attacks in the UK each year are far higher, as organisations often do not report the compromises.”
This is a worldwide problem, as organizations don’t want to publicize an attack, for fear of the reputation and revenue repercussions that come along with it. In the U.S., the FBI recently called this lack of reporting cyberattacks a silent threat. Even the U.S. Senate called out this problem earlier this year.
The more we collectively understand about the prevalence and severity of a ransomware threat, the faster we can respond to it and find ways to keep it from happening. In the meantime, it’s somewhat “every organization for themselves” – with each org focusing on a preventative layered security strategy that includes Security Awareness Training.