Search

Ransomware threatens UK infrastructure

62% of cyber leaders in UK critical national infrastructure (CNI) organisations do not have a decision-making plan in place on whether to pay the ransom, despite rising ransomware attacks on CNI, according to new research by UK cyber security services firm Bridewell.

The research, which surveyed 521 cyber security decision makers in the communications, utilities, finance, government and transport and aviation sectors, reveals nearly eight-in-ten (79%) of cyber leaders in UK CNI organisations believe ransomware will significantly disrupt their operations in the next 12 months. Yet less than half have implemented critical measures to help prevent, detect, respond, and recover from ransomware.

According to the research, only 36% have a security information and event management (SIEM) platform that can help to detect a ransomware attack before the attacker completes their objective. Likewise, only 43% say they have implemented technical controls to prevent unauthorised access and stop key directories and files being deleted, overwritten or encrypted.

Gavin Knapp, Cyber Defence Technical Lead at Bridewell says: “All critical infrastructure organisations must be prepared to suffer a ransomware attack and have tailored response plans in place to deal with actors targeting both IT and OT operations. This should encompass third parties and remote access into the OT environment.

“Failure to prepare can result in the loss of IP, interruption to operations, and significant financial and reputational damage. It also often leaves organisations with no choice but to pay the ransom, which aside from being illegal in some countries, only further fuels the crisis.”

Threat groups and actors continue to see significant financial opportunities in the initial access broker and ransomware space, with modern day malware and intrusion frameworks increasingly adopting automated approaches to streamline and improve how they perform attacks. Bridewell is also seeing a significant reduction in the time between vulnerability disclosure and the weaponisation of ransomware, as well as a rise of ransomcloud attacks targeting weaknesses or legitimate functionality in cloud resources.

Yet the research found that only 46% are using cloud storage services with in-built ransomware protection, while just 42% have deployed a cloud access security broker. Concerningly, 84% say they have suffered at least one ransomware attack in the past 12 months, and 4 in 10 have suffered more than 5 attacks – an average of one every other month.

For more news updates, check out our May issue here.

Media contact 

Rebecca Morpeth Spayne, 

Editor, Security Portfolio 

Tel: +44 (0) 1622 823 922

Recent Posts

Subscribe to our newsletter

Don't miss new updates on your email
Click here

Copyright notice This website and its content is copyright of Security Buyer – © Hand Media International LTD 2021. All rights reserved. Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following: you may print or download to a local hard disk extracts for your personal and non-commercial use only you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.

Scroll to Top