UK ‘increasingly concerned’ ransomware victims are keeping incidents secret

British authorities are “increasingly concerned” that ransomware victims in the country are keeping incidents secret, the National Cyber Security Centre (NCSC) said. In a blog post published Thursday morning local time and co-written with the Information Commissioner’s Office (ICO), the body responsible for upholding data protection laws including obligations to disclose breaches, the NCSC said both organizations “deal with the fallout from serious cyber attacks every day.” “Our responsibilities are different, but we both work on incidents that can take down businesses, severely impact national services and infrastructure, and massively disrupt people’s day-to-day lives,” the organizations wrote. However it’s “the attacks we don’t hear about… that aren’t reported to us and pass quietly by, pushed to one side, the ransoms paid to make them go away,” that are driving anxieties among the authorities. “If attacks are covered up, the criminals enjoy greater success, and more attacks take place,” said the NCSC. In their blog post, the organizations tackle a number of “myths around responding to cyber attacks,” stating that more transparency is a good thing for everyone. The myths include that reporting incidents makes it more likely that they will be publicized; that making an extortion payment can make the incident go away; or that having good offline backups means organizations won’t have to pay a ransom. Eleanor Fairford, the NCSC’s deputy director for incident management, said: “Keeping a cyber attack secret helps nobody except the perpetrators so we strongly encourage victims to report incidents and seek support to help effectively deal with the fallout. “By responding openly and sharing information, organizations can help mitigate the risk to their operations and reputation, as well break the cycle of crime to prevent others from falling victim,” she added. Mihaela Jembei, the director of regulatory cyber at the ICO, said: “The fact remains that there is a regulatory requirement to report cyber incidents to the ICO, but transparency is more than simply complying with the law. Cyber crime is a borderless and global threat and it’s through knowledge sharing that we can help organizations help themselves.”

https://therecord.media/uk-increasingly-concerned-of-ransomware-victims-keeping-quiet-ncsc

Customer Reviews

5
0%
4
0%
3
0%
2
0%
1
0%
0
0%

    Leave a Reply

    Thanks for submitting your comment!

    This site uses Akismet to reduce spam. Learn how your comment data is processed.