A major UK public body has fallen victim to two successful ransomware attacks over the past five years, official figures have shown.
The data, obtained from a freedom of information (FoI) request by the Parliament Street think tank, revealed that the British Council suffered a total of 12 days of downtime due to the incidents; five days in the first and seven in the second. No ransom was paid in either incident.
The British Council is a non-departmental public organization that aims to connect people in the UK and other countries through culture, education and the English language. The official data also revealed that the body experienced a further six unsuccessful ransomware attacks over the five years. In these cases, either the ransomware was detected and blocked, or the malware was not deployed on the endpoint.
There have been numerous ransomware incidents impacting UK public bodies in recent years. These include damaging attacks on Redcar & Cleveland Borough Council and Hackney Council in 2020. This weekend, it was reported that the notorious Clop ransomware gang published confidential data held by UK police on the dark web following an attack on an IT service provider.
Last week, the UK government published a new wide-ranging national cyber strategy, which included plans to increase funding in public sector cybersecurity.
Commenting on the figures, Edward Blake, area vice president EMEA for Absolute Software, said: “Every organization is vulnerable to ransomware attacks. A large portion of time and resources are spent trying to prevent them, but it is a matter of when they happen, not if they happen, and it is on organizations and businesses to put in place effective cybersecurity measures to deal with ransomware attacks when, not if, they occur.
“Zero trust protocols are one of the most effective methods to preventing bad actors, which may already have access to a system, from infecting other aspects of the network or moving laterally through a system to seize even more data. What’s more, maintaining a healthy network through effective cybersecurity measures is paramount to protecting organizations against cyber-criminals – self-healing capabilities are the perfect solution to ensuring that applications remain healthy without compromising on performance or productivity.”