The ransomware threat is getting worse. But businesses still aren’t taking it seriously

By Danny Palmer | November 17, 2021 | Topic: Security

Ransomware is the most significant cybersecurity threat facing the country today, but many businesses still aren’t taking the threat as seriously as they should be, the National Cyber Security Centre (NCSC) has warned. 

In its newly published annual review, the NCSC – the cybersecurity arm of intelligence agency GCHQ – details the incidents and threats the UK has faced during the past 12 months, including cyberattacks against the health service and vaccine developers during the coronavirus pandemic, state-sponsored cyber-espionage campaigns, phishing scams and more.  

But while ransomware is a significant and ever-evolving threat, there are measures that organisations can take to help avoid falling victim to an attack, or lessen the impact should the network be compromised by file-encrypting malware. 

As detailed by the paper, the most common entry point for ransomware attacks is remote desktop protocol (RDP), where hackers take advantage of insecure RDP configurations to gain access to the network. Organisations can counter this by encouraging users to use unique, difficult-to-guess passwords; the NCSC recommends using three memorable words for accounts and introducing multi-factor authentication as an extra barrier to attacks.

The shift towards remote working has led to a big rise in the use of Virtual Private Networks (VPNs) which, if not managed properly, can provide a gateway for outside attackers to enter the network. 

The paper also notes how ransomware gangs take advantage of unpatched devices and advises organisations to ensure security updates are rolled out in a timely fashion to help protect the network from cyber criminals exploiting known vulnerabilities. 

The NCSC regularly publishes advice on threats and how to protect networks from attacks – and one of the key aims of the organisation is to make sure the message gets heard by those who need to hear it.

“Ransomware, mostly, doesn’t need a specific response, it needs the things we’ve been telling people to do for a long time. Part of our challenge is helping people do that or understanding what they need to do to apply it as much as possible,” said Cameron.  
