UK, Singapore spearhead global efforts to drive resilience against ransomware attacks

A total of 39 countries endorsed the new guidance that asks organisations to report incidents to law enforcement bodies, while discouraging them from paying ransoms to cyber criminals.

The UK and Singapore lead a global initiative to support organisations affected by ransomware attacks. (Credit: PeopleImages.com – Yuri A/Shutterstock)

The UK has joined 38 other countries in backing new guidance for corporate ransomware victims. The guidelines, also endorsed by the US, Japan, and Australia, strongly recommend that organisations do not act impulsively in paying ransoms demanded by hackers. They argue that such actions only perpetuate the cycle of breaches that have afflicted the private sector in recent years. However, the guidance falls short of endorsing a full ban on ransomware payments.

Despite this, the UK National Cyber Security Centre’s director for national resilience wholeheartedly endorsed the global accord. “Cyber criminality does not recognise borders,” said Jonathan Ellison. “The endorsement of this best practice guidance by both nations and international cyber insurance bodies represents a powerful push for organisations to upgrade their defences and enhance their cyber readiness.”

Ransomware scourge receiving global attention

The new guidance effectively endorses guidance agreed by stakeholders at the 2024 Counter Ransomware Initiative (CRI) summit held earlier this year in the US. Specifically, it urges organisations to cautiously assess their options before paying ransoms to cyber criminals as a move to stop disruption and data loss. Instead, the guidelines ask organisations to report incidents to law enforcement bodies, check the availability of data backups, and seek advice from recognised experts.

The guidelines also recommend that public and private organisations take proactive steps to ameliorate ransomware attacks should they occur, actions that include the development of contingency plans for data retention and retrieval, as well as policies, frameworks, and communication strategies.

By discouraging ransom payments, the new guidelines aim to undermine the ransomware business model, thereby eliminating the incentive for criminals to target organisations and ultimately preventing future attacks.

Ransomware a primary threat to UK businesses

According to the UK government, ransomware remains the primary cyber threat to UK businesses and organisations, with cybercriminals continuously adapting their methods to maximise profits.

Industry estimates reported by Chainalysis indicate that last year saw the highest-ever losses from ransomware payments, with over $1bn paid to criminals across the globe.

This week, the UK sanctioned 16 individuals associated with the Russian cybercrime group Evil Corp, in a joint action with the US and Australia. Evil Corp had previously carried out malware and ransomware attacks not only on British health, government, and public sector organisations but also on private commercial technology firms.

The Russian cybercrime group also had connections with the ransomware group LockBit. Earlier this year, the UK’s National Crime Agency infiltrated LockBit, which led to the revelation that cyber criminals usually retained data even after victims had paid a ransom for its deletion.

In May 2024, the National Cyber Security Centre partnered with three UK insurance bodies (the Association of British Insurers, the British Insurance Brokers’ Association, and the International Underwriting Association) to launch co-sponsored guidance for UK organisations.
