Ransomware incidents now dominate the agenda of Cobra meetings, report

The impact of ransomware incidents in the UK has grown to the point that it now dominates discussions in governmentCobra emergency meetings.

COBRA is an informal term for COBR which stands for Cabinet Office Briefing Rooms, where emergency meetings are held.

The Prime Minister convenes a Cobra meeting to discuss and plan a response to a global, regional, or local crisis. An emergency committee is formed and its members attend.

Previous examples of this committee’s work include dealing with the coronavirus pandemic, terrorist attacks, and severe flooding.

in Modern reportAnd the register He asserts, citing multiple sources familiar with the matter, that the bulk of recent government COBRA crisis management meetings have been called in response to ransomware incidents rather than other crises.

Sources told the publication there did not appear to be a commensurate level of ministerial interest in ransomware, despite repeated warnings from the CEO of the National Cyber ​​Security Center (NCSC), Lindy Cameron, who called ransomware the most acute threat. facing the country.

The need for regular cross-departmental meetings on this issue illustrates how little Westminster has addressed the risks that ransomware presents to the nation.

UK now It ranks third in the list of countries Security vendor NordLocker said in a September report that the companies are experiencing the largest ransomware attacks.

NordLocker examined 18 sectors and found that business services suffered the highest number of ransomware attacks (10.1%), followed by education (9.7%), construction (8.9%), transportation (7.7%), manufacturing (7.3%) and public sector organizations. (5.7%).

Conti and LockBit were the most active ransomware gangs in the UK, claiming responsibility for 22.2% and 11.5% of attacks, respectively. They were also the most active group worldwide.

NCSC Annual Review It states that 18 ransomware events that required a nationally coordinated response have hit the UK this year. These incidents included attacks on the NHS Advanced Programs provider and on South Staffordshire Water.

The increase in Cobra meetings follows the “sprint” program across Whitehall on ransomware, which was completed last December.

The aim of this program was to formulate recommendations on how to deal with the problem that will be signed before the G7 Conference of Interior Ministers at the end of 2021.

However, a year after the conclusion of the “sprint,” management has yet to issue any decisions that can be put into action.

The registers The report also claims that due to the Home Office’s dissatisfaction with the data provided by the Department for Digital, Culture, Media and Sport (DCMS), the Home Office has begun its own ransomware research project in an effort to determine the exact number of attacks that have hit the UK in recent months.

The latest edition of DCMS’ annual Cyber ​​Penetration Study reveals that ransomware attacks have dropped from 17% of all occurrences in 2020 to just 4% in 2021. registerHowever, he questioned the usefulness of the self-reported survey, stating that it had a bias towards those who were unwilling to disclose such events. Moreover, it is derived using data collected a year ago, a period during which the ransomware ecosystem evolved significantly.

A government spokesperson told the publication that protecting the UK from ransomware attacks is a top priority for the administration.

“Given the complex nature of the threat, we are working collaboratively across departments, with law enforcement and agencies, and our international partners to enhance our cyber capabilities and build the UKFlexibility. “

The spokesperson added that the government’s anti-ransomware policy and operational strategy is now being reviewed, including through regular consultation with industry and international partners.

Leave a Comment