A parliamentary committee has warned that the UK government is at high risk of a “catastrophic ransomware attack”, due to poor planning and lack of investment, causing widespread disruption.
In a highly critical report, the joint committee on the national security strategy issued a warning that the UK is vulnerable to a debilitating cyber-attack on its critical national infrastructure (CNI) at any given time.
The CNI is crucial for societal functions including energy supply, water supply, transportation, health, and telecommunications, according to The National Cyber Security Centre (NCSC).
In the last year, a ransomware attack on the NHS left patient data in the hands of cyber-criminals. Moreover, Redcar and Cleveland council were locked out their systems for almost three weeks, due to a ransomware attack in 2020, leaving £18 million worth of damage costs.
Cybersecurity expert Andy Ward, VP International for Absolute Software, commented: “The heightened risk of cyber-attacks during uncertain economic times makes vulnerable security systems a prime target for cyber attackers. Ransomware threats do not discriminate across any person or sector, posing a significant concern due to increasing volumes of sensitive data.”
“Due to the certainty of ransomware attacks, organisations must implement both preventative and reactive cybersecurity measures, by evaluating current cyber postures, incorporating resilient Zero Trust models for user authentication. It is vital to have robust response protocols alongside prevention efforts leveraging secure access, self-healing solutions to recover and repair breached devices following a breach, ensuring heightened cyber preparedness.”
The report states that the government should invest more in preventing cyber-attacks and are being criticised for failing to issue a priority for ransomware attacks.
If cyber-criminals manage to sabotage CNI operations, it will pose a large threat to physical security or the safety of human life, according to the report. Especially if cyber-physical systems are intercepted, and taken into the control of a cyber-criminal.
The NHS were also identified as an extremely vulnerable target, as the committee noted a lack of simple upgrade in their IT systems, leaving them vulnerable to cybercrime.
Cyber expect Suid Adeyanju, CEO, RiverSafe commented:
“Cybercriminals are persistently targeting vital national infrastructure with ransomware attacks, such as the NHS, in order to steel confidential patient data. Organisations need to re-evaluate their cyber security defences, combining a blend of technology and observability, as well as ensuring comprehensive training for all staff on the dangers of cyber threats. As the surge in cyber-attacks shows no signs of slowing down, taking measures to secure data and mitigate risks should be top priority for businesses.”
Also Read: What Organizations Need to Know About the Security Implications of Excessive Data Privacy
Cybersecurity expert Andy Ward, VP International for Absolute Software, commented:
“Ransomware attacks are on the rise. They do not discriminate across any person or sector, posing a significant concern due to increasing volumes of sensitive data, remote devices, and network access points.”
“Due to the certainty of ransomware attacks, organisations must implement both preventative and recovery-focused cybersecurity measures. It is important to maintain strong prevention, but equally vital to have robust response protocols that leverage self-healing solutions to recover and repair breached devices and systems following an attack. Such steps will heighten cyber preparedness, allowing businesses to remain resilient in hostile environments.”
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
