Ransomware continues to be a significant cyber threat to businesses and the general public – but it's difficult to know the true impact of attacks because many victims aren't coming forward to report them.
That's demonstrated by how the review details how in the 12-month period between 1 September 2021 and 31 August 2022 there were 18 ransomware incidents that needed a "nationally coordinated" response. These included attacks on a supplier to the National Health Service (NHS) and a ransomware attack against South Staffordshire Water.
However, the true impact of ransomware remains unclear, because the NCSC says that many organizations that fall prey to ransomware attacks aren't disclosing them.
That lack of reporting is despite the significant and disruptive consequences ransomware attacks can have, not only for organizations that fall victim, but for wider society – which is why it's vital that cybersecurity is taken seriously and incidents are reported.
"Ransomware remains one of the most acute threats that businesses and organizations in the UK face," said Lindy Cameron, CEO of the NCSC.
"These attacks have genuine real-world consequences and are a reminder to all organizations of the importance of taking the important mitigation measures set out in our guidance. As I have said before, it is vital that organizations treat cyber security as a genuine, board-level risk to be managed," she added.
Encrypting files and services is disruptive enough, but many cyber criminals have realized they can do more damage by stealing data and threatening to leak it unless a ransom is paid. It's something the NCSC says is becoming a fundamental part of the ransomware business model, as criminals realize that many organizations will give in to ransom demands to avoid their data being leaked.
"We have seen low sophistication cyber crime continue to be a scourge to the British public and organizations. This is starkly brought to life in that there were 2.7 million cyber-enabled frauds last year," said Cameron.
More recently, cyber crooks have been using the cost-of-living crisis to trick people into giving up financial information. For example, attacks have mimicked the energy regulator Ofgem in over 50 campaigns exploiting people who are worried about the rise in energy costs.
The NCSC said its Suspicious Email Reporting Service (SERS) received, 6.5 million reports of suspicious emails, which resulted in over 62,000 scam URLs being removed.
Since SERS was set up in April 2020, it has received a total of 13.7 million reports, resulting in the take down of 174,000 scam URLs – something that is providing the NCSC with cause for optimism.
"It is heartening to see a growing uptake in our services to protect against these threats, and the 6.5 million reports we received from the public to the Suspicious Email Reporting Service shows that people are both becoming more cyber aware and contributing to our resilience," said Cameron.
"The NCSC, in conjunction with our law enforcement partners, is more resolute than ever in its determination to thwart cyber criminals," she added.