Monday, February 05, 2024

Ransomware trends signal further woes for UK financial services


ByDr. Tim Sandle
DIGITAL JOURNAL
February 4, 2024

The Akira hacker group is suspected of carrying out the cyber attack in Sweden - Copyright AFP Chris DELMAS

What is the true extent of cyberattack impacting the U.K.? New details concerning the number of security incidents and ransomware incidents reported to the U.K. Financial Conduct Authority (FCA), with the information obtained by Freedom of Information request.

This information has been obtained by Picus Security into cyber incidents and the subsequent analysis reveals an increase in ransomware incidents in the first half of 2023. Picus received month-by-month data on the number and type of incidents reported to the FCA by financial organizations. This information can be compared to previous FCA data breach statistics, including Picus freedom of information requests for FCA data in 2021 and 2022.

The FCA received 51 cyber incident reports in 2023 (classified as material incidents), up 10 percent compared to 2022. Within this data set, twice as many ransomware incidents were reported in 2023 (19) compared to the same period in 2022. In all, nearly a third of all cyber incidents reported were categorized as ransomware.

A material incident is defined as a cyber incident that results in significant loss of data, or the availability or control of its IT system; or impacts a large number of victims; or one that results in unauthorized access to, or malicious software present on, its information and communication systems.

Commenting on the findings, Dr. Suleyman Ozarslan, Co-Founder and VP of PicusLabs says in a statement sent to Digital Journal: “Ransomware remains a scourge for every sector and every security team. Our data reflects a common pattern seen in recent years. Ransomware gangs burst onto the scene, scale up their campaigns, and put a target on their backs.”

Ozarslan adds: “After the coordinated crackdowns and arrests from global government agencies, ransomware activity can start to die down until the next group looks to fill the void left by their predecessor.”

Financial services has always been one of the biggest targets for both politically and financially motivated cybercriminals.

There are other factors as well accounting for the increase. Ozarslan points out: “Two major Microsoft vulnerabilities may have also contributed to more incidents than usual this year, as was the case in 2021 when the Hafnium hacking group was actively exploiting another Microsoft Exchange Server bug.”

The increasing complexity of malware deployed by adversaries is also a factor.

Here Ozarslan observes: “The Picus Red Report 2023 found that modern malware is now capable of performing far more actions across the cyber-kill chain, to more effectively evade defences. More than one-third of malware samples exhibit more than 20 individual Tactics, Techniques and Procedures.”

No comments: