DailyPost 2209
UK RANSOMWARE TRENDS
In a US centric digital world, even cyber security is looked into through that geographical prism. The incidents, figures, trends, trajectory and the narrative in this area is mainly from the US. If one were to talk about the ransomware attacks in India, it would be very difficult even to initiate a discussion, finding trends and strategy would be next to impossible. For this reason, we remain mostly in the dark. There are other countries who feel this pinch and it is imperative they know how they are faring at least as far as the ransomware attacks are concerned. Ransomware today stands as the biggest cyber security challenge facing the world.
Each country needs to know the challenge and then it would be some effort to stand against it, in a technically competent manner. It has to be a long drawn technical war of attrition. With this thought in mind JUMPSEC threat intelligence analysts have compiled a report tracking ransomware activity in the UK. This compilation is based on attacks reported by the ransomware groups themselves and have analysed the data with the intention to enable a more effective response to patterns that evolve. Patterns of various gangs, mode of access, nature of encryption, dark net usage, sale of data, second attack, etc are key to understanding even for entry level remediation or some prevention initiative.
US providing global perspective skews the data and any insight if it is being viewed from any country’s viewpoint. This is UK’s case. For record, the UK’s share of global ransomware activity has been consistent at around just 5% of the global ransomware activity. UK thus represents 314 from the global total of 5,869 ransomware cases. As expected this ransomware trends data since 2020 is able to provide data in the right breakdown of sector by sector prevalence, and data on victim size, revenue and revenue to get some idea as to which organisations are more likely to be targeted. Data is in this field for obvious reasons has been be plagued with lack of visibility and transparency.
This helps attackers to continually extort organisations while keeping the true nature of the impact hidden – from both the security defenders and the national policy makers is one on the important findings of the trend analysis. Whether intentional or otherwise, underreporting is the name of the game. Getting into some specificities, ransomware victims such as Tuckers demonstrate the impact what an ineffective patch management program can have. The role of third party software manufacturers also play a role (zero day) which organisations cannot do much about. UK trend suggests that Education, Retail, and Wholesale Trade and Law are the most targeted industries.
COUNTRY SPECIFIC TRENDS AND INTELLIGENCE ADDS TO THE STRENGTH OF THE SECURITY DEFENDERS AND OF THE ORGANISATIONS.
Sanjay Sahay