Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - News & Analysis - Experts Warn On Rise Of Hacker Ransoms
News & Analysis

Experts Warn On Rise Of Hacker Ransoms

ISBuzz TeamBy ISBuzz TeamMarch 14, 2017Updated:July 4, 20245 Mins Read
Share LinkedIn Twitter Facebook Copy Link Email
Share
Facebook Twitter LinkedIn Email Copy Link
Quick AI Summary
ChatGPTClaudeGeminiGrokPerplexityDeepSeekCopilot

The National Crime Agency and National Cyber Security Centre have launched a report into ‘The cyber threat to UK businesses’ – see full report here. The report explores numerous avenues of the UK cybersecurity industry, nothing that ransomware is a “significant and growing” risk. It also states that connected devices and wearables are at risk and are going to be targeted more in future. You can find more on this news here. IT security experts from Micro Focus and Palo Alto Networks commented below.

David Mount, Director of Security Solutions Consulting EMEA at Micro Focus: 

David Mount“As this report demonstrates, the IoT is ushering in a new era in security terms. It’s positive that issues like ransomware and IoT security are now part of the national conversation, but we still have a long way to go to encourage connected tech companies to build security into IoT products from the start. All too often device vendors prioritise usability and customer experience over security, and that is putting consumers and businesses at risk. Quite simply, IoT security can no longer be treated as an afterthought.

“In line with other industries, we’re probably going to need government intervention around legislation and safety standards to protect internet connected devices. Exposure of consumer data is a serious and present risk, but with the number of IoT devices set to grow exponentially, a well-coordinated IoT attack could be used to pose a very real threat to our national critical infrastructure – not to mention online banking, emergency services, and commerce in general.

“The government and industry must understand that we’re moving into a world in which we will carry a significant compute capability with us – and perhaps even more importantly, a significant ‘sensor’ capability with us too. The key to securing these billions of ‘smart devices’ lies in Identity. By giving each sensor and device an Identity, device behaviour can be examined and anything unusual can set alarm bells ringing.”

Greg Day, VP and Chief Security Officer EMEA at Palo Alto Networks:

Greg Day

  • “One of the most pressing challenges when it comes to security is educating organisations and the general public and, as such, we applaud this report. It plays a crucial role in further helping businesses, governmental bodies and users to keep pace with the threats they face today.
  • But for the NCA and NCSC report to have impact, people and organisations must take this broad insight and personalize it, not just file it for future reference.  They need to look at which elements are relevant to them and what personal or business impact it would have, so they can take appropriate steps to manage the risks.  While GDPR comes into force in 2018 and codifies the need for ongoing assessment of the risks and application of the relevant state of the art cyber security controls, businesses and users should be applying these principles today.
  • Notwithstanding the report’s warnings, ransomware is still in its relative infancy, yet its evident scope to impact all organisations, rather than just those processing credit card information, means we should expect it to grow.  In the last year, we have seen ransomware start to leverage targeted techniques with Samsa, which has been developed in previous years by nation state attacks.  Most recently new variants like RanRan have broadened beyond just financial motives to include political motives.  In today’s increasingly digitally dependent world, businesses should be cognizant of these trends. Strategies built on actually preventing attacks, rather than just cleaning up afterwards, are absolutely essential to significantly reduce these threats.
  • In recent years, CISP has been a great initiative for intelligence sharing between UK organizations. It is also great to see how the Cyber Threat Alliance is driving collaboration between core security vendors, to better work together and automate sharing, not just of threats that are seen, but also the blocking controls and context about the attackers.  The more we all collaborate and crowd source against cybercriminals, the greater the intelligence and compute power we can leverage.  However, this must start at the grass roots level, which requires every business to recognize the value and input their input, be it with members of the CTA or CISP, as they collaborate via their collective members.   The more we can work together, the more we can move unknown high risk attacks into known attacks.
  • The threat continues to evolve, not just in terms of the attackers’ techniques, but also what and how organisations use technology to function and flourish.  As such it’s important to regularly review where and how information is shared. As the report says, the rapid adoption of business and consumer cloud services and devices, such as wearables that share information, can provide attackers with insight into our lifestyles that can be used against us. But it is equally important to focus on how these could be sources to tap into business data that may not be recognized as a threat.  For example, whilst many businesses may have significant controls around their core data centers, cloud storage can be a weak point, with businesses often not clear on where and why they are being used.  Stealing genuine credentials is still one of the most common motives for attackers, but where data is stored outside the business, awareness of credential misuse can often go undetected. Cyber risk prevention must start with visibility of your continually evolving IT space, and examining where you can reduce your risks by reducing the potential attack surface you expose.”
ISBuzz Team
  • ISBuzz Team
    Air Canada Data Breach: BianLian Extortion Group Claims A Massive Heist Contrary To Airline’s Earlier Statement
  • ISBuzz Team
    Unprecedented DDoS Attack Rocks The Web: Tech Giants Reveal A Digital Tsunami
  • ISBuzz Team
    CISA Flags High-Severity Adobe Acrobat Reader Flaw Amid Active Exploits
  • ISBuzz Team
    Curl Security Alert: Patching A Critical Bug Averting Potential Cyber Catastrophe

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Share. Facebook Twitter LinkedIn Email Copy Link

Related Posts

Foxconn confirms cyberattack following Nitrogen ransomware claims

May 14, 20263 Mins Read

Lazarus Group Turns to Medusa Ransomware in Escalating Global Extortion Campaign

February 26, 20263 Mins Read

The Cyberattack That Exposed the Fragility of Digital Heritage

February 11, 20268 Mins Read
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}