UK NCSC joins international partners to warn of increase in sophisticated, high-impact ransomware attacks

The UK’s National Cyber Security Centre (NCSC) has joined partners in the U.S. and Australia to warn of an increase in sophisticated, high-impact ransomware incidents against organizations – particularly those in the global critical infrastructure sector. The joint advisory revealed the growing technological complexity of ransomware operations with cybercriminals adopting increasingly professional tactics. Businesses are urged to take protective action to bolster resilience and mitigate ransomware threats.

Ransomware trends indicate increasing attack sophistication

In a blog posting, the UK NCSC wrote: “In 2021, cyber authorities observed a number of ransomware trends, including: increased use of cybercriminal ‘services-for-hire’, sharing of victim information between different groups of cyber criminals, and diversifying approaches to extorting money.” Ransomware groups also increased the impact of their attacks by targeting cloud services, attacking industrial processes and the software supply chain, and launching attacks on organizations during public holidays and weekends, it added.

Director of the Cybersecurity and Infrastructure Security Agency (CISA) Jen Easterly commented: “We live at a time when every government, every business, every person must focus on the threat of ransomware.”

Organizations must act to mitigate ransomware threats

The joint advisory outlined mitigation advice to network defenders to reduce the risk of a compromise, which includes implementing a requirement for multi-factor authentication, zero trust architecture, and a user training program with phishing exercises. UK NCSC CEO Lindy Cameron said that ransomware is a rising global threat with potentially devastating consequences, but there are steps organizations can take to protect themselves. “To help ensure organizations are aware of the threat and how to defend themselves we have joined our international partners to set out the very latest threat picture alongside key advice. I strongly encourage UK CEOs and boards to familiarize themselves with this alert and to ensure their IT teams are taking the correct actions to bolster resilience.”

Abigail Bradshaw CSC, head of the Australian Cyber Security Centre, echoed similar sentiments, highlighting the need for a coordinated response to ransomware threats. “It is critical that individuals, businesses, and industry follow the advice and mitigation strategies in this joint advisory to strengthen networks and uplift defenses to protect against this threat,” she added.

The FBI and NSA also weighed in on the matter and reflected on the importance of a united stand against ransomware attacks. “The FBI is committed to protecting the public from the rise in ransomware attacks that we have seen in recent years. With our partners in and outside of government, the FBI is working to bring all our tools to bear against these criminals,” said Bryan Vorndran, assistant director of the FBI’s Cyber Division.

For Rob Joyce, cybersecurity director of the NSA, the threats posed to critical infrastructure are especially poignant. “When critical infrastructure is held at risk by foreign hackers operating from a safe-haven in an adversary country, that’s a national security problem. The ransomware scourge is a significant focus area for NSA as we generate insights alongside our partners. Network defenders should take action on the mitigations in the advisory.”