The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Reported Ransomware Incidents in UK Doubled in 2023

Reported Ransomware Incidents in UK Doubled in 2023
23 January 2024

A Freedom of Information request has revealed that there was a resurgence in ransomware-related incidents following a quieter 2022.  

In the first six months of 2023, twice as many ransomware incidents were reported compared to the same period in 2022. Ransomware deliberately encrypts IT systems, locking users out and demanding money. 

According to the Freedom of Information (FOI) request submitted by Picus Security, nearly a third of all cyber incidents reported in the first half of 2023 were categorised as ransomware (31 per cent), compared to 11 per cent in the same period in 2022.


"...modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures."

– Dr Suleyman Ozarslan

Co-Founder and VP, PicusLabs


Commenting on the findings, Dr Suleyman Ozarslan, Co-Founder and VP of Picus Labs said: “Ransomware remains a scourge for every sector and every security team. Our data reflects a common pattern seen in recent years. Ransomware gangs burst onto the scene, scale up their campaigns, and put a target on their backs. After the coordinated crackdowns and arrests from global government agencies, ransomware activity can start to die down until the next group looks to fill the void left by their predecessor.

“The first six months of 2023 was a hectic period for financial services security teams. This sector has always been one of the biggest targets for both politically and financially motivated cybercriminals. Cl0p Ransomware, for example, is known to target major banks.

“Two major Microsoft vulnerabilities may have also contributed to more incidents than usual this year, as was the case in 2021 when the Hafnium hacking group was actively exploiting another Microsoft Exchange Server bug. The increasing complexity of malware deployed by adversaries may also be a factor. The Picus Red Report 2023 found that modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures. 

“The numbers for the first half of 2023 are also far higher than the second half of 2022 when cyber incident reports almost ground to a halt by the end of the year. It is interesting to see such consistently low numbers in December. A slight decline in cyber incident reports would reflect the fact that many people are away from the office, but there is such a sizable gap between December and January figures. We know that breaches happen all year round, so the numbers should fall off a cliff in this manner. 

“I don’t know which is worse, if security teams don’t discover incidents in December, or if they choose not to report them until after the holidays.” 

Picture: a graphic showing a skull and crossbones over a world map. The image is red and black and contains the words "Ransomware Attack" and "Your files are encrypted". Image Credit: Adobe Stock

Article written by Ella Tansley | Published 23 January 2024


Related Articles

NHS IT Services Supplier Victim of Ransomware Attack

It has been confirmed that a ransomware attack is causing a major outage for NHS IT systems. Services affected include software used by NHS 111 and other patient notes...

 Read Full Article
More Global FM Firms Hit By Cyber Attacks

EMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks.  The website of EMCOR Group, the global providers of facility...

 Read Full Article
Anatomy Of A Cyber Attack

The cyber attack on the global heavy manufacturing sites of Norsk Hydro saw the aluminium producer lose over £25.5 million in under a week. Here we detail three...

 Read Full Article
Global Ali Producer Shut Down By Cyber Hack

A major global aluminium producer with multiple sites, including furnaces, has been the victim of a major and malicious cybersecurity attack. A lack of ability to connect...

 Read Full Article
Hackers' Paradise - Easy Access...And Ransoms Paid

One report says on average, one third of business decision makers would pay hackers' ransom demands; while another - DNS Threat Report -  shows European...

 Read Full Article
Spotlight Interview – Francis West | Security Everywhere

Francis West is CEO of Security Everywhere, a company which helps SMEs to secure their money, data and reputation with managed security services. Francis is a trusted...

 Read Full Article
Interserve Fined £4.4m for Failure to Keep Staff Details Secure

The UK’s IT security watchdog has fined Interserve for breaching data protection law and failing to prevent a cyber attack. The Information Commissioner’s...

 Read Full Article
How to Identify and Address IoT Security Weaknesses

Data-driven facilities management is now the expected norm, but security concerns about IoT systems still remain amongst FMs and tenants. The Internet of Things (IoT)...

 Read Full Article
Smart Buildings at Increased Risk of Cyber Attacks, Says Verdantix

The operational technology that powers connected devices across building systems is providing more entry points for cyber criminals to exploit, says research and advisory...

 Read Full Article
BESA Tightens Security After Fraud Incident

The Building Engineering Services Association (BESA) says it has carried out a thorough review of the security procedures behind its online training schemes...

 Read Full Article