SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
The British Council falls victim to two successful ransomware attacks
Mon, 27th Dec 2021
FYI, this story is more than a year old

New cyber fears as The British Council falls victim to two successful ransomware attacks.

According to official data, the British Council, the non-departmental public body, has admitted to falling victim to two successful ransomware attacks over the past five years.

The ransomware attacks saw the organisation's security systems successfully breached and led to a total of 12 days of downtime, meaning its systems were offline or unusable. The first attack caused five days of downtime, and the second saw seven days of downtime. No ransom was paid in either incident.

There were also six unsuccessful ransomware attacks on The British Council during the five years when ransomware was detected and blocked, or malware was not deployed on the endpoint.

The information was obtained using Freedom of Information legislation by the Parliament Street think tank as part of a wide-ranging study into the threats posed by ransomware to public sector organisations and government departments.

The new revelations come as the UK government announced its new UK Cyber Strategy, which seeks to strengthen the country's cyber ecosystem and build a resilient and prosperous digital infrastructure to help combat ransomware attacks. The government have committed to spend 22 billion on research and development through this strategy, with technology being given a central role in national security.

In the last several years, there have been numerous ransomware incidents impacting public UK bodies. Including attacks on Redcar - Cleveland Borough Council and Hackney Council in 2020. Recently, the infamous Clop ransomware gang published confidential data on the dark web following an attack on an IT service provider.

"Every organisation is vulnerable to ransomware attacks," says Absolute Software area vice president, EMEA, Edward Blake.

"A large portion of time and resources are spent trying to prevent them, but it is a matter of when they happen, not if they happen, and it is on organisations and businesses to put in place effective cybersecurity measures to deal with ransomware attacks when, not if, they occur.

Blake says Zero Trust protocols are one of the most effective methods to preventing bad actors, which may already have access to a system, from infecting other aspects of the network or moving laterally through a system to seize even more data.

He says maintaining a healthy network through effective cybersecurity measures is paramount to protecting organisations against cybercriminals. Self-healing capabilities are the perfect solution to ensuring that applications remain healthy without compromising performance or productivity.