NCSC joins US and Australia in ransomware advisory

The National Cyber Security Centre has warned of a growing wave of increasingly sophisticated ransomware attacks in its first joint advisory with international partners on the threat.

Ransomware attacks involve the blocking of access to computers or data by cyber criminals, who then demand payment from the victim before they can retrieve it.

The advisory, published alongside the Australian Cyber Security Centre (ACSC), Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA), details both the threat picture for 2021 as well as the mitigation steps organisations can take.

Last year, cyber authorities observed a number of ransomware trends, including: increased use of cyber criminal ‘services-for-hire’; sharing of victim information between different groups of cyber criminals; and diversifying approaches to extorting money.

The joint advisory also offers mitigation advice to network defenders which will reduce the risk of a compromise, which includes implementing a requirement for multi-factor authentication, Zero Trust architecture, and a user training programme with phishing exercises.

The advisory follows the NCSC’s recently launched Ransomware Hub, which is a one-stop shop for advice on how ransomware works, on whether a ransom should be paid, and how to prevent a successful attack.

Lindy Cameron, CEO of NCSC, said: “Ransomware is a rising global threat with potentially devastating consequences but there are steps organisations can take to protect themselves. To help ensure organisations are aware of the threat and how to defend themselves we have joined our international partners to set out the very latest threat picture alongside key advice. I strongly encourage UK CEOs and Boards to familiarise themselves with this alert and to ensure their IT teams are taking the correct actions to bolster resilience.”