Security News > 2022 > February > UK, US, Australia issue joint advisory: Ransomware on the loose, critical national infrastructure affected
Ransomware attacks are proliferating as criminals turn to gangs providing turnkey post-compromise services, Britain's National Cyber Security Centre has warned.
The warning comes hot on the heels of several high-profile attacks against oil distribution companies and also businesses that operate ports in the West - though today's note insists there was a move by criminals away from "Big game hunting" against US targets.
The NCSC told The Register today's warning was not linked to a potential Russian invasion of Ukraine, with the advisory adding that the shift away from the US by criminals hasn't really affected Britain: organisations of all sizes are still in the firing line - even those making the nation's favourite snacks.
Common routes into an organisation's IT infrastructure for a ransomware attack range from compromise of cloud applications and storage, to supply chain attacks such as those directed against upstream MSPs, and the age-old tactic of attacking on a weekend or holiday.
Many ransomware gangs are believed to be based in Russia and the country has a storied history of state-directed cyber attacks against the West.
According to ESET's latest Threat Report, out today, ransomware attacks "Surpassed the worst expectations of 2021" and in the first half of the year alone companies across the globe collectively paid out some $5bn in bitcon to make the bad things stop.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/02/09/uk_us_au_ransomware_warning/
Related news
- CISA: Network switch RCE flaw impacts critical infrastructure (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Akira and Fog ransomware now exploit critical Veeam RCE flaw (source)
- US and UK govts warn: Russia scanning for your unpatched vulnerabilities (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Ransomware fiends boast they've stolen 1.4TB from US pharmacy network (source)
- US charges Phobos ransomware admin after South Korea extradition (source)