Ransomware is cyber-criminals’ weapon of choice; UK retail facing barrage of attacks

The annual review published by the National Cyber Security Centre (NCSC), the UK’s technical authority for cyber security, illustrates the severity of the ransomware threat in the UK.

The report reveals that the onslaught of ransomware attacks shows no sign of easing in the future. In the first four months of 2021 alone, the NCSC reports that it handled the same number of ransomware incidents as for the whole of 2020 – a number that was itself already more than three times greater than in 2019.

According to the DCMS Cyber Security Breaches Survey, published in March 2021, 39 per cent of all UK businesses (2.3m) reported a cyber breach or attack in 2020/21.

The report also highlighted the increased threat of supply chain attacks. Notably, in March 2021 an attack on vulnerabilities in Microsoft Exchange Servers led to at least 30,000 organisations being compromised in the US alone.

This is the fifth annual review published by the NCSC, examining the key developments and highlights in cyber security from 1 September 2020 to 31 August 2021.

The report also highlighted the threat of ‘Double Extortion’, a tactic used by gangs that involves the threat of leaking sensitive data online if victims refuse to pay. The report states that such instances of stolen data being leaked are almost certain to increase, with further UK victims of this dual-crime highly likely.

Steve Arlin, from ProLion, a provider of proactive ransomware and data protection solutions, commented: “This report prioritises the need for action. As an organisation makes the step of putting the right protection in place, the potential impact of a ransomware attack diminishes.

“The latest tactics used by cyber criminals are ruthless, merciless and potentially lethal to an organisation. With the added threat of Double Extortion, once in a position where a ransom payment is demanded, the likelihood of safely recovering your data and your reputation is incredibly slim.

“The report presents a truly frightening picture – cyber crime is continuing to balloon, and as we are seeing time and again, ransomware is a serious threat to us all.”

A separate report compiled by Keeper Security – the ‘2021 Cybersecurity Census Report’ – focuses on the experience of the UK retail sector, revealing that companies experienced 44 cyber attacks in the last 12 months – roughly one every 8 days.

In light of this, three-quarters (77 per cent) of retailers believe that the number of cyber attacks they are faced with will only increase in the next 12 months and, with that, bring increased disruption to the entire retail ecosystem.

The retail sector has been under immense pressure over the past 18 months, with retailers’ front lines battered by the Covid-19 pandemic shuttering stores across UK high streets, then compounded by major supply chain issues arising as a result of Brexit. Now mushrooming cyber attacks are causing additional headaches.

The Keeper research found that successful cyber attacks against retailers resulted in severe disruptions to partner and customer operations (34 per cent), the supply chain (33 per cent), and a retailer’s ability to trade (29 per cent).

The retail sector’s response has heightened as a result of this unwelcome activity: 41 per cent of respondents said that IT has been their top investment priority over the last year. The large majority of retailers (86 per cent) know where the gaps or weak links in their cyber-security defences are, although only 35 per cent claimed to be addressing all of them. Some vulnerabilities therefore presumably still exist and could be exploited by bad actors.

Senior IT leaders in the retail sector would like to see cyber security become a board-level issue, with four in five (78 per cent) calling for a member of the board to be dedicated specifically to the cyber welfare of the business. At the same time, retailers are aware that they can’t solve all their cyber-security challenges by themselves, especially as they currently consider an attack on a cloud provider they might be using to be their largest cyber-security vulnerability.

Darren Guccione, CEO, Keeper Security, said: “Cyber criminals are targeting retailers, as they see them as an easy target, and the rewards for a successful breach are vast given the pools of data a retailer is likely to have on its system.

“Over half of employees working in retail don’t understand the cyber-security implications of poor password hygiene, highlighting just how critical not only improving current cyber-security training is, but also making sure the right IT staff are in place from the very beginning.”