The UK, US and Australia issue joint ransomware warning

The UK, US, and Australia have released a joint advisory warning about ransomware, stating ‘a growing wave’ of attacks could impact critical infrastructure

Cyber security authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations globally in 2021.

Ransomware is a type of malware that attackers can deploy on a victim's computer network to encrypt their files. With modern ransomware attacks, the criminals then extort the victim to pay huge sums of money to decrypt their files and make them accessible again.

The nations have issued a warning and released a joint advisory, which is authored by cyber security authorities in the United States (The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA), Australia (The Australian Cyber Security Centre (ACSC), and the United Kingdom (National Cyber Security Centre (NCSC). 

It provides observed behaviours and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

Providing advice to mitigate ransomware 

The joint advisory offers mitigation advice to network defenders which will reduce the risk of a compromise, which includes implementing a requirement for multi-factor authentication, Zero Trust architecture, and a user training programme with phishing exercises.

NCSC CEO Lindy Cameron said: “Ransomware is a rising global threat with potentially devastating consequences but there are steps organisations can take to protect themselves. To help ensure organisations are aware of the threat and how to defend themselves we have joined our international partners to set out the very latest threat picture alongside key advice.” 

The advisory follows the announcement of the NCSC’s recently launched Ransomware Hub, which is a one-stop-shop for advice on how ransomware works, on whether a ransom should be paid, and how to prevent a successful attack.

Governments working to tackle ransomware together 

As part of the agreement, the nations have pledged to intensify co-operation and delivery of shared opportunities and challenges across the cyber and critical technology policy.

Chris Usserman, Director of Security Architecture, Infoblox:  “It’s encouraging to see threat intel sharing among governments to tackle ransomware and other cyber threats. We in the private sector have had a frontline view of the evolution of ransomware-as-a-service from defending against these crippling attacks and helping companies prevent and/or recover. While security hygiene and technologies form part of the solution, I hope to see more pre-emptive government actions to take down known actors and their infrastructure when they use cyber attacks to create kinetic havoc, like in the aftermath of Colonial Pipeline and attacks on critical infrastructure. As the joint statement shows, ransomware is an epidemic. We need governments to unify and shut down bad actors no matter where they hide or whom they attack.”

 

Share

Featured Articles

Cooperation Key Theme at Microsoft Endpoint Security Summit

The Microsoft Endpoint Security Summit brought together leaders in the cybersecurity industry to discuss strategies for securing endpoints on Windows

Why the UK is Listing Data Centres as Critical Cyber Assets

Being Western Europe's leader in number of Data Centres, the UK has decided to take steps to ensure they receive adequate protection from cyber threats

Trustwave Reveals the Financial Sector's Cyber Threats

Although it's not new to think that financial services organisations are prime targets for cybercriminals, the threat landscape they find themselves in is

TCS and Google Cloud Join for Solution to Secure the Cloud

Technology & AI

Cybersecurity Conglomerate Reveals Threats Facing Consumers

Cyber Security

Decoding the US' Most Misunderstood Data Security Terms

Cyber Security