When the UK’s National Cyber Security Centre (NCSC) recommends that organizations revisit pen and paper plans, it may sound retrograde. After all, modern cybersecurity strategies often focus on AI-enhanced threat detection, zero trust architecture, and real-time telemetry.
But this latest guidance isn’t about going backwards. It is a response to a rapidly evolving threat landscape where ransomware can disable entire enterprises, cutting off communication, halting production, and leaving even well-defended organizations unable to function.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Average ransomware payment for US victims more than $6 million, survey says
November 9, 2021
A new report from Mimecast has found that the US leads the way in the size of payouts following ransomware incidents. In the “State of Ransomware Readiness” study from Mimecast, researchers spoke with 742 cybersecurity professionals and found that 80% of them had been targeted with ransomware over the last two years. Of that 80%, 39% paid ...
- ‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks
November 3, 2021
A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted the malicious campaign a few weeks ago, on Oct. 12. Tortilla, ...
- UK Labour Party data breach: Supporters’ details affected in cyberattack
November 3, 2021
The Labour Party has confirmed that details of its members and supporters is among information affected by a “cyber incident” at a company which handles the party’s data. In a statement sent to all party members on Wednesday, Labour said the “significant” attack was on “‘a third party that handles data on our behalf” and that ...
- Europol: 12 Targeted For Involvement In Ransomware Attacks Against Critical Infrastructure
October 29, 2021
A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries. These attacks are believed to have affected over 1 800 victims in 71 countries. These cyber actors are known for specifically targeting large corporations, ...
- Ransomware has proliferated because it’s ‘largely uncontested’, says GCHQ boss
October 26, 2021
If you’ve wondered why ransomware has proliferated in recent years, it’s because until recently it has remained unchallenged, according to Sir Jeremy Fleming, director of British signals intelligence agency GCHQ. “We’ve seen twice as many attacks this year as last year in the UK – but the reason it is proliferating is because it works,” ...
- NHS Digital exposes hundreds of email addresses after BCC blunder copies in entire invite list to ‘Let’s talk cyber’ event
October 20, 2021
NHS Digital has scored a classic Mail All own-goal by dispatching not one, not two, not three, but four emails concerning an infosec breakfast briefing, each time copying the entirety of the invite list in on the messages. The first email sent yesterday morning thanked participants for “registering for NHS Digital’s Full Digital Breakfast: Let’s talk ...