Have plans on paper in case of cyber-attack, firms told
According to the latest advice, people should turn to pen and paper and plan for potential cyber attacks.
The government has written to senior executives across the country strongly advising them to keep physical copies of their plans on hand as a precaution.
A recent wave of attacks has highlighted the chaos that can ensue if hackers take down computer systems.
The warning comes after the National Cyber Security Center (NCSC) reported an increase in more serious cyber attacks this year.
Criminal attacks on Marks and Spencer, The Co-op and Jaguar Land Rover have led to empty shelves and halted production lines this year as the companies struggle without computer systems.
“Organizations need to have a plan for how they will continue to operate without IT (and quickly rebuild that IT), which is an onslaught that must be overcome,” said Richard Horne, chief executive of NSCS.
Firms are being asked to look beyond cybersecurity controls towards a strategy known as “resilience engineering,” which focuses on creating systems that can predict, absorb, recover and adapt in the event of an attack.
Preferably, plans should be on paper or stored offline, the agency suggests.
Although the total number of attacks the NCSC dealt with in the first nine months of this year, at 429, was about the same as in the similar period last year, there was an increase in attacks with greater impact.
The number of “nationally significant” events represented almost half of all events, or 204. Last year there were only 89 people in this category.
A nationally significant incident involves cyber attacks in the three highest categories across NCSC and UK law enforcement classification model:
- Category 1: National cyber emergency.
- Category 2: Extremely important event.
- Category 3: Major event.
- Category 4: Major event.
- Category 5: Moderate incident.
- Category 6: Localized event.
4% (18) of this year’s incidents were in the “fairly significant” category, the second highest category.
This represents a 50% increase in such incidents; This is the third consecutive year of an increase.
The NCSC does not provide detailed information about which attacks, publicly or undisclosed, fall into which category.
But as a point of reference, it appears that the wave of attacks on UK retailers in the spring, affecting Marks and Spencer, The Co-op and Harrods, would be classed as a major incident.
The attack on a blood test provider, one of the most serious attacks of last year, caused major problems in London hospitals. It caused significant clinical deterioration and directly contributed to the death of at least one patient.
NCSC did not say which category this incident would fall into.
The vast majority of attacks are financially motivated by criminal gangs who use ransomware or data extortion to blackmail the victim into sending Bitcoin as ransom.
Although most cybercrime gangs are headquartered in Russia or former Soviet countries, there has been a resurgence of youth hacking gangs thought to be based in English-speaking countries.
Seven teenagers have been arrested in the UK so far this year as part of investigations into major cyber attacks.
Along with recommendations to increase preparations and collaboration, the government is asking organizations to make better use of the free tools and services offered by the NCSC (for example, free cyber insurance for small businesses that complete the popular Cyber-Essentials program).
