Record number of UK cyber attacks highlight need for cyber resilience
So, you’ve heard of cyber security, but how familiar are you with cyber resilience? Cyber resilience is all about how a business responds to malicious activity, such as a phishing attack.
With reports that the UK’s cyber security agency, the National Cyber Security Centre (NCSC), have dealt with a record 777 cyber incidents over the past year, there has never been a bigger need for stronger cyber resilience, as well as cyber security measures, than now.
The NCSC said in its annual review that many of the incidents were linked to a global hacking campaign, blamed on Russia’s foreign intelligence service, which impacted the US government, as well as other victims. Another incident, linked to a Chinese
state-backed actor, involved an attack on Microsoft.
Sir Jeremy Fleming, the director of GCHQ, described them both in the review as “two of the most serious global cyber incidents we’ve seen in recent years”.
The NCSC said China was a “highly sophisticated” operator in cyber space, with “increasing ambition to project its influence beyond its borders” and a proven interest in the UK’s commercial secrets.
Fleming warned: “We can see technology leadership is shifting eastwards. Key technology we will rely on for future prosperity and security won’t necessarily have democratic values at its core. We will work with partners around the world to help the UK and allies face this moment of reckoning.”
It is believed that the total number of incidents the NCSC responded to over the last year rose, as a result of the COVID-19 pandemic. This saw an increase in ransomware attacks, as cyber criminals took advantage of companies moving to flexible working patterns, before demanding ransoms of thousands of pounds in return for the retrieval of encrypted company data.
Chief Executive of the NCSC, Lindy Cameron, said: “One of the trends the NCSC has seen over the last year is a worrying growth in criminal groups using ransomware to extort organisations. In my view it is now the most immediate cyber security threat to UK businesses and one that I think should be higher on the boardroom agenda.”
20% of the 777 incidents the NCSC had to tackle this year were linked to the health sector and vaccines, including hospitals and research centres. The agency said the University of Oxford protected itself from an attempted ransomware attack “with the potential to cause significant disruption” due to the help offered by the NCSC’s services. This was critical, as the AstraZenica vaccination could’ve been disrupted by a major cyber incident.
What is the need for cyber resilience?
So, where does the combination of cyber security and cyber resilience come into play? Well, many of the remaining cyber incidents dealt with by the NCSC saw businesses across a variety of industries targeted. A lot of these organisations were earmarked as a result of poorly optimised cyber security measures, that did not adapt as required during the move to working from home.
When these companies were then hit by devastating cyber attacks, many were lacking the required cyber resilience strategies to return back to working order. This meant that financial losses incurred by downtime were felt even harder.
The lessons that need to be learnt are the requirement for businesses to get their cyber security and cyber resilience strategies in order. By teaming up with a Managed Service Provider, businesses can unlock a large pool of cyber knowledge that they would simply not have access to if they relied upon their own staff.
What we do
At Neuways, we continually review our customers’ cyber security and cyber resilience measures, ensuring that they are the best for that customer and their needs. With so many changes over the last two years, it is critical to make sure that the current procedures are the right ones for a business that, for example, has its employees working remotely from many different locations across a country.
When it comes to cyber resilience, Business Continuity & Disaster Recovery plans are tailor-made to suit your business and its requirements. They can ensure that your company data is being saved regularly and to devices across different locations, all whilst testing those back up files to ensure they are recoverable. This means that in the event of cyber attack (or any other disaster) that creates downtime, your business can react and implement backed-up data and files that you are confident will work as intended – reducing downtime and ensuring business continuity.
