NHS IT Services Supplier Victim of Ransomware Attack
It has been confirmed that a ransomware attack is causing a major outage for NHS IT systems. Services affected include software used by NHS 111 and other patient notes...
Read Full ArticleA Freedom of Information request has revealed that there was a resurgence in ransomware-related incidents following a quieter 2022.
In the first six months of 2023, twice as many ransomware incidents were reported compared to the same period in 2022. Ransomware deliberately encrypts IT systems, locking users out and demanding money.
According to the Freedom of Information (FOI) request submitted by Picus Security, nearly a third of all cyber incidents reported in the first half of 2023 were categorised as ransomware (31 per cent), compared to 11 per cent in the same period in 2022.
"...modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures."
– Dr Suleyman Ozarslan
Co-Founder and VP, PicusLabs
Commenting on the findings, Dr Suleyman Ozarslan, Co-Founder and VP of Picus Labs said: “Ransomware remains a scourge for every sector and every security team. Our data reflects a common pattern seen in recent years. Ransomware gangs burst onto the scene, scale up their campaigns, and put a target on their backs. After the coordinated crackdowns and arrests from global government agencies, ransomware activity can start to die down until the next group looks to fill the void left by their predecessor.
“The first six months of 2023 was a hectic period for financial services security teams. This sector has always been one of the biggest targets for both politically and financially motivated cybercriminals. Cl0p Ransomware, for example, is known to target major banks.
“Two major Microsoft vulnerabilities may have also contributed to more incidents than usual this year, as was the case in 2021 when the Hafnium hacking group was actively exploiting another Microsoft Exchange Server bug. The increasing complexity of malware deployed by adversaries may also be a factor. The Picus Red Report 2023 found that modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual tactics, techniques and procedures.
“The numbers for the first half of 2023 are also far higher than the second half of 2022 when cyber incident reports almost ground to a halt by the end of the year. It is interesting to see such consistently low numbers in December. A slight decline in cyber incident reports would reflect the fact that many people are away from the office, but there is such a sizable gap between December and January figures. We know that breaches happen all year round, so the numbers should fall off a cliff in this manner.
“I don’t know which is worse, if security teams don’t discover incidents in December, or if they choose not to report them until after the holidays.”
Picture: a graphic showing a skull and crossbones over a world map. The image is red and black and contains the words "Ransomware Attack" and "Your files are encrypted". Image Credit: Adobe Stock
Article written by Ella Tansley | Published 23 January 2024
It has been confirmed that a ransomware attack is causing a major outage for NHS IT systems. Services affected include software used by NHS 111 and other patient notes...
Read Full ArticleEMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks. The website of EMCOR Group, the global providers of facility...
Read Full ArticleThe cyber attack on the global heavy manufacturing sites of Norsk Hydro saw the aluminium producer lose over £25.5 million in under a week. Here we detail three...
Read Full ArticleA major global aluminium producer with multiple sites, including furnaces, has been the victim of a major and malicious cybersecurity attack. A lack of ability to connect...
Read Full ArticleOne report says on average, one third of business decision makers would pay hackers' ransom demands; while another - DNS Threat Report - shows European...
Read Full ArticleIn Part 3 of our cyber security Q&A, Sheldon Reynolds talks us through the danger of reusing passwords and what happens on the dark web. According to data...
Read Full ArticleThe cyber threat landscape is evolving at an alarming rate, and there's a new player in town that's causing mayhem in inboxes: impersonation attacks. In this...
Read Full ArticleIn Part 2 of our Q&A with cyber security expert Francis West, we discuss simple actions we can all take to be more cyber safe, what to do if you receive a suspicious...
Read Full ArticleLearn more about the realities of cyber crime in this Q&A with cyber security expert Francis West. From Whatsapp fraud to investment scams, cyber crime has...
Read Full ArticleUK data centres are now classed as critical national infrastructure, the same status associated with energy supply, water supply, transportation, health and...
Read Full Article