Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
UK: NCSC publishes blog on ransomware attacks
On May 9, 2024, the UK National Cyber Security Centre (NCSC) published a blog post on ransomware attacks, detailing the tactics used by cybercriminals as well as the emerging trend of data theft and extortion.
Notably, the blog explained that ransomware attacks traditionally involved encrypting a victim's data and demanding a ransom for its release. However, according to the blog, these attacks now often include the theft of sensitive data which causes disruption for organizations and exposes them to ongoing risks from potential data leaks.
The blog noted a shift in tactics among cybercriminals, with some now favoring extortion-only attacks, where data is stolen without deploying ransomware. According to the blog, this method is increasingly used against sectors where data sensitivity is critical, such as healthcare, to exert pressure without the additional step of data encryption.
In the blog, the NCSC stressed the importance of maintaining robust cybersecurity defenses and recommended consulting the NCSC's latest guidelines and publications to help organizations defend against and recover from ransomware and extortion attacks.
You can read the blog here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
