Intelligent CISO Issue 58 | Page 37


Ransomware has rarely been out of the headlines over the past 12 months, with giant multi-nationals such as Toyota, Okta, Vodafone and Samsung falling victim to attacks by prominent criminal gangs. The surge in ransomware attacks in recent years has disrupted critical national infrastructure, global supply chains and even nation states including Costa Rica and Montenegro. Worryingly, the trend shows no sign of abating as we move through 2023.

Indeed, the NCSC has contended with a record number of ransomware incidents over the past year and has identified the attacks as the most significant cyberthreat facing businesses and individuals in the UK. Of the 63 recorded cyber incidents that were significant enough to require a national level response by the NCSC, 18 involved ransomware.
Despite being a relatively unsophisticated method of attack, a successful ransomware breach has the capacity to grind an organisation to a halt – and cause significant disruption to the general public. Meanwhile, with the objective of ransomware actors almost always being to profit financially, businesses face the multiple threats of financial loss, internal disruption from data breaches and substantial reputational damage.
2022 in review
Ransomware gangs such as Lapsus$, Conti and LockBit were active around the globe, constantly bolstering their tactics and causing public embarrassment for the companies they attacked. Toyota was forced to suspend its production line for a short time when hackers struck a supplier; Vodafone, Samsung and Okta were hit by Lapsus$, which breached security systems and threatened to release sensitive data and information. In the case of Okta, thousands of companies that use its cloud software also came under threat.
Lapsus$ was perhaps the most notorious gang operating in early 2022, hitting a string of businesses, before a series of arrests halted its progress. This successful law enforcement was a direct result of the increased collaboration between governments and agencies around the globe – a lesson for businesses and authorities in 2023. The sharing of threat intelligence and cyber strategies has supported the takedowns of ransomware groups alongside wider multi-government takedowns like the action against REvil in 2021. Sometimes ransomware gangs are responsible for their own downfall – Conti shut down last year following the leak of internal chats and part of its source code.
Despite the efforts to disrupt gangs, there was no decrease in ransomware activity in the UK last year, which, according to the NCSC, was because members of exposed groups would often move on to work with others – demonstrating how the ransomware landscape continues to diversify and evolve.
Steve Forbes, Government Cybersecurity Expert, Nominet