Ransomware: Not enough victims are reporting attacks, and that’s a problem for everyone

Image: Getty

Ransomware continues to be a significant cyber threat to businesses and the general public – but it’s difficult to know the true impact of attacks because many victims aren’t coming forward to report them.

The warning comes in the National Cyber Security Centre (NCSC) Annual Review for 2022, which looks back at key developments and incidents in cyber crime over the last year, with ransomware described as an “ever present” threat and a “major challenge” to businesses and public services. 

That’s demonstrated by how the review details how in the 12-month period between 1 September 2021 and 31 August 2022 there were 18 ransomware incidents that needed a “nationally coordinated” response. These included attacks on a supplier to the National Health Service (NHS) and a ransomware attack against South Staffordshire Water

However, the true impact of ransomware remains unclear, because the NCSC says that many organizations that fall prey to ransomware attacks aren’t disclosing them.

“The true numbers of ransomware attacks in the UK each year are far higher, as organizations often do not report the compromises,” says the NCSC report. 

Also: The ransomware problem won’t get better until we change one thing

That lack of reporting is despite the significant and disruptive consequences ransomware attacks can have, not only for organizations that fall victim, but for wider society – which is why it’s vital that cybersecurity is taken seriously and incidents are reported

“Ransomware remains one of the most acute

Read more

Explore the site

More from the blog

Latest News