skip to Main Content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038

    Ransomware incidents now dominate agenda at COBRA meetings

    The UK now ranks third in a list of countries where businesses suffer the most ransomware attacks

    The impact of ransomware incidents in the UK has grown to the point that they now dominate discussions at the governments emergency COBRA meetings. COBRA is an unofficial term for COBR that stands for Cabinet Office Briefing Rooms, where the emergency meetings are held.

    The Prime Minister convenes a COBRA meeting to discuss and plan a response to a global, regional or domestic crisis.  An emergency committee is formed, and its members attend the meeting.

    Previous examples of this committee’s work include dealing with coronavirus pandemic, terrorist attacks and severe flooding. In a recent report, The Record asserts, citing multiple sources with knowledge of the matter, that the bulk of the government’s recent COBRA crisis management meetings have been called in response to ransomware incidents rather than other crises.

    The sources told the publication that there did not appear to be a proportionate level of ministerial interest in ransomware, despite the repeated warnings of the chief executive of the National Cyber Security Centre (NCSC), Lindy Cameron, who described ransomware as the most acute threat facing the country. The need to regularly convene cross-departmental meetings on the issue demonstrates how little Westminster has done to address the risk ransomware presents to the nation.

    The UK now ranks third in a list of countries where businesses suffer the most ransomware attacks, security vendor NordLocker said in a report in September. NordLocker examined 18 sectors and found that business services suffered the highest number of ransomware attacks (10.1%), followed by education (9.7%), construction (8.9%), transportation (7.7%), manufacturing (7.3%) and public sector institutions (5.7%). Conti and LockBit were the two most active ransomware gangs in the UK, claiming responsibility for 22.2% and 11.5% of attacks, respectively. They were also the most active groups worldwide.

    NCSC’s annual review states that 18 ransomware events that needed a nationally coordinated response hit the UK this year. These incidents included attacks on the National Health Service software provider Advanced and on South Staffordshire Water. The increase in COBRA meetings follows a cross-Whitehall “sprint” programme on ransomware, which was completed last December.

    The goal of this programme was to formulate recommendations for how to approach the problem that would be signed off on before the G7 conference of interior ministers at the end of 2021. However, a year after that “sprint” ended, the administration has still not delivered any decisions that can be put into practice.

    The Records report also claims that due to the Home Office’s dissatisfaction with the data provided by the Department for Digital, Culture, and Media and Sport (DCMS), the Home Office has begun its own ransomware research project in an effort to determine the accurate number of attacks that have hit the UK in recent months.

    The most recent edition of DCMS’s annual cyber breach study revealed that ransomware assaults had decreased from 17% of all occurrences in 2020 to only 4% in 2021. Officials who talked to The Record, however, questioned the utility of the self-reported survey, stating that it has a bias towards those who do not wish to disclose such events. Moreover, it is derived using data gathered a year previously, a period during which the ransomware ecosystem has significantly evolved.

    A government spokesperson told the publication that protecting the UK against ransomware attacks is a top priority for the administration. “Given the complex nature of the threat, we are working collaboratively across departments, with law enforcement and agencies, and our international partners to strengthen our cyber capabilities and build the UKs resilience.” The spokesperson added that the government’s policy and operational strategy to combating ransomware is now being reviewed, including through regular consultation with industry and international partners.

    With thanks to The full story is here: and check out Nordlocker here:

    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 23 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

    Sign Up to the TIO Intel Alerts!

    Back To Top