Feb 2022 – NCSC Advisory

In February the NCSC issued a joint advisory (with the FBI, CISA and NSA in the USA and the Australian Cyber Security Centre) which highlights the increased threat of ransomware.

The main trends should come as no surprise: an increase in the use of cybercrime-as-a-service, with criminals gaining access to networks via phishing, stolen credentials, brute-force attacks or exploitation of vulnerabilities.

The cyber criminals themselves have been sharing victim information with each other, have shifted away from focussing on major targets (“big-game” hunting), and increasingly threaten to release stolen information, disrupt Internet access, and inform the victim’s stakeholders (“triple extortion”).

Growing trends include the targeting of cloud services, attacks on managed service providers, attacks on the supply chain, and attacks over weekends or holidays.

In terms of mitigation, much of the advice is in line with the basic-level protection defined by the NCSC’s Cyber Essentials scheme, which was updated in January 2022. The NCSC provide specific ransomware advice at https://www.ncsc.gov.uk/ransomware/home