Dear 222 News viewers, sponsored by smileband,
Rising Ransomware Activity in the UK
1. Frequency of Attacks
• UK organisations reported 547–560 ransomware incidents between Nov 2022 and Oct 2024—roughly averaging 1–2 attacks per day nationwide.
• A 2025 government survey found that 7% of businesses and nearly none of charities reported experiencing ransomware, translating to around 19,000 affected firms annually.
2. High-Profile 2025 Incidents
• Ley than weekly, major incidents have taken place:
• Marks & Spencer (M&S): A ransomware attack in April disrupted online services for nearly 7 weeks, costing hundreds of millions in market value and lost sales, attributed to DragonForce RaaS and affiliates like Scattered Spider.
• Co‑op Group: Soon after M&S, attackers accessed Co‑op systems—shutting down IT operations and compromising personal data of 6.5 million members; early detection prevented financial loss.
• Harrods: Reported an attempted breach on May 1, 2025—access was blocked proactively before data loss occurred.
• KNP Logistics, a 158-year-old firm, collapsed after a single weak password allowed ransomware encryption—causing 700 job losses.
• Southern Water, serving millions, disclosed a £4.5 million cost from a ransomware attack attributed to the Black Basta group in early 2024.
• British Library: Attacked in 2023 by Rhysida, with 600 GB of data leaked; still recovering with significant service disruption and financial strain.
Who’s Behind the Attacks
• DragonForce is operating as a Ransomware-as-a-Service platform, making it accessible to criminal affiliates like Scattered Spider.
• Scattered Spider specialises in social-engineering, using phishing, MFA‑bombing, SIM swapping, and impersonating IT staff to trick employees into granting access.
• Other groups, such as Black Basta, Medusa, LockBit/SuperBlack, and BianLian, continue targeting various sectors including utility, healthcare, and infrastructure.
Impact on UK Sectors & Trend Analysis
• Retail has emerged as a major target in spring 2025, with M&S, Co‑op, and Harrods experiencing high-profile incidents and reputational damage.
• Small/medium manufacturing firms (50–200 employees) are disproportionately targeted—approximately 10% more than their share of businesses.
• Healthcare and critical infrastructure (e.g. NHS, pathology services) face rising threats—one pathology provider caused over 10,000 postponed appointments due to a ransomware disruption.
Government & Corporate Response
Legislative Moves
• The Cyber Security and Resilience Bill, introduced in July 2024, would expand mandatory incident reporting and strengthen standards for infrastructure and critical services across the UK.
• In July 2025, the government announced plans to ban public sector and critical national infrastructure bodies from paying ransoms, while requiring private entities to notify authorities before paying, to disrupt cybercriminal funding streams.
Industry & Corporate Measures
• M&S, Co‑op, and Harrods have enhanced incident response planning, network segmentation, and MFA authorities—though critics warn mandatory reporting may overburden organisations.
Why So Many Daily Attacks
Opportunistic & Low Barrier
• RaaS platforms like DragonForce reduce barriers for attackers. Low-level affiliates can launch attacks using professional-grade tools.
• Many organisations have weak passwords, lack multi-factor authentication, and maintain outdated systems—creating ripe conditions for compromise (e.g. KNP Logistics)
Sophisticated Social Engineering
• Phishing, MFA-bombing, and SIM-swapping are being used effectively to override technical safeguards and access networks via staff trust.
Reporting and Detection Gap
• M&S chair confirmed some major cyber-attacks remain unreported entirely. That suggests the frequency could be higher than official numbers reflect.
Attached is a News article regarding ransomware attacks in the uk on data
https://www.bbc.com/pidgin/articles/c0l4d9441nlo.amp
Article written and configured by Christopher Stanley
<!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-XDGJVZXVQ4"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-XDGJVZXVQ4'); </script>
<script src="https://cdn-eu.pagesense.io/js/smilebandltd/45e5a7e3cddc4e92ba91fba8dc
No comments:
Post a Comment