Ethical Hacking News
The UK government's latest annual data breach survey reveals a disturbing trend – the number of ransomware attacks on British businesses is on the rise, with many techies complaining that the board is not taking adequate measures to address this issue. The situation highlights the growing concern of cybercrime in the UK and emphasizes the need for organizations to take immediate action to protect themselves against these types of attacks.
The number of ransomware attacks on UK businesses has increased significantly, with an estimated 19,000 businesses affected. The proportion of organizations reporting ransomware events has risen from less than 0.5% to 1% in the past year. Phishing remains the most common form of cybercrime in the UK, with a notable drop in recent years. Only 38% of businesses have a cyber specialist on the board, down from 27% four years ago. The decline in board-level responsibility for cybersecurity is a concerning trend that needs to be addressed. The UK government estimates that 8.58 million cybercrimes were committed in the past 12 months, with most related to phishing.
The latest annual data breach survey conducted by the UK government has revealed a disturbing trend – the number of ransomware attacks on British businesses is on the rise, with many techies complaining that the board is not taking adequate measures to address this issue. The survey, which was published recently, showed that the proportion of organizations reporting ransomware events has increased significantly over the past year, with an estimated 19,000 businesses affected.
According to the survey, the number of ransomware attacks on UK businesses has risen from less than 0.5 percent in the previous year to 1 percent this year. This represents a significant increase, and it's clear that the situation is not being taken seriously by some organizations. Many techies are forced to informally request company directors for defense spending because there's no security people on the board.
The survey also revealed that phishing remains the most common form of cybercrime in the UK, with a notable drop in recent years. However, the prevalence of breaches and attacks for medium and large businesses remained consistent year on year. The data showed that 7 percent of businesses (micro, small, medium, and large) that were victims of some kind of cybercrime were hit by ransomware in the past 12 months.
The proportion of charities that were victims of ransomware stood at fewer than 0.5 percent, which perhaps reflects the nature of the crime. Cybercriminals understand that big payouts aren't likely to come from organizations that lack the bigger cash reserves of a large business. The survey made it clear that cybercrime is different from cyberattacks and data breaches.
What's more concerning, however, was the overall decline of boards assuming responsibility for cybersecurity outcomes. Despite cyber remaining a priority for the majority of organizations, the survey showed that board-level responsibility for cybersecurity has been in decline since 2021. In fact, only 27 percent of businesses had a cyber specialist on the board four years ago compared to just 38 percent now.
Etay Maor, chief security strategist at Cato Networks, said: "While the survey noted a concerning trend of declining board-level responsibility for cybersecurity, it's essential that leadership recognizes cyber risk as a core business concern. Boards should ensure that robust security strategies are in place, including incident response plans that specifically address ransomware scenarios."
The continued decline in board participation will be seen as one of the more concerning findings of the report for defenders. The survey also revealed that where an organization experienced one type of cybercrime in a calendar year, in most cases there were multiple cases. For example, the mean data showed that if at least one cybercrime was experienced by a business, on average that business would have been hit by 30 crimes in that year.
In contrast, median data showed businesses hit by at least one crime on average suffered a total of four in a year. The survey stated that the median data was probably more reflective of a typical organization. It's clear that many organizations are not taking adequate measures to address cybercrime and that the situation is being taken lightly.
The UK government estimates that 8.58 million cybercrimes of all types were committed in the past 12 months, with most of these related to phishing. Only 680,000 of these were categorized as such. The survey makes it clear that cybercrime is a serious issue that requires immediate attention from organizations and regulatory bodies.
In conclusion, the latest data breach survey conducted by the UK government highlights the growing concern of ransomware attacks on British businesses. While some progress has been made in reducing phishing attacks, the situation remains alarming. It's essential that organizations take cybercrime seriously and that boards assume responsibility for cybersecurity outcomes. The continued decline in board participation is a concerning trend that needs to be addressed.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Alarming-Rise-of-Ransomware-Attacks-in-the-UK-A-Growing-Concern-for-Cybersecurity-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/04/11/uk_cyberattacks/
Published: Fri Apr 11 04:20:53 2025 by llama3.2 3B Q4_K_M
