National Cyber Security Centre
Latest statement on international ransomware cyber attack
The NCSC's latest statement regarding the international cyber incident.
Since the global coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday, there have been no sustained new attacks of that kind. But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks.
This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale.
Our national focus must therefore be on two lines of defence.
The first is to limit the spread and impact of the attacks that have already occurred. Due to broad government and partner efforts, a variety of tools are now publicly available to help organisations to do this. This guidance can be found on our homepage – ncsc.gov.uk – under the title 'Protecting Your Organisation From Ransomware'.
We know already that there have been attempts to attack organisations beyond the National Health Service. It is therefore absolutely imperative that any organisation that believes they may be affected, follows and implements this guidance.
We have set out two pieces of guidance: one for organisations and one for private individuals and SMEs which can be applicable regardless of the age of the software in question. It will be updated as and when further mitigations become available and we will announce when updates have been made on Twitter (@ncsc) and elsewhere.
Secondly, it is possible that a ransomware attack of this type and on this scale could recur, though we have no specific evidence that this is the case. What is certain is that ransomware attacks are some of the most immediately damaging forms of cyber attack that affects home users, enterprises and governments equally.
It is also the case that there are a number of easy-to-implement defences against ransomware which very considerably reduce the risk of attack and the impact of successful attacks. These simple steps to protect against ransomware could be applied more thoroughly by the public and organisations
Companies can undertake three simple steps which are also set out on our website and can be summarised as follows:
- Keep your organisation's security software patches up to date
- Use proper antivirus software services
- Most importantly for ransomware, back up the data that matters to you, because you can't be held to ransom for data you hold somewhere else.
Home users and small businesses can take the following steps to protect themselves:
- Run Windows Update
- Make sure your antivirus product is up to date and run a scan – if you don’t have one install one of the free trial versions from a reputable vendor
- If you have not done so before, this is a good time to think about backing important data up – you can’t be held to ransom if you’ve got the data somewhere else.
In the days ahead, the NCSC, working closely with the National Crime Agency in support of their criminal investigation, and with international partners in both other governments and the commercial sector, will continue our round-the-clock effort to get ahead of this threat. We would like to reassure the public that resources from the Government, law enforcement and public and private sector organisation are working together to manage further disruption from the current attack and to increase protection against any further attacks in the coming days. The country's security and law enforcement agencies are working round the clock to protect the public. Private sector efforts have made a very significant contribution to mitigate the cyber attacks so far and to prevent further disruption.
We will provide further updates as and when appropriate.
Notes to Editors
- Ransomware attacks are typically carried out by criminal groups however we cannot rule out anything while investigations are ongoing.
- Existing NCSC guidance provides organisations with information about how to protect themselves from ransomware attacks.
- The government is fully committed to defending against cyber threats and address the cyber skills gap to develop and grow talent. A five year National Cyber Security Strategy (NCSS) was announced in November 2016, supported by £1.9billion of transformational investment.
- The NCSC was opened by HM The Queen in February 2017 and provides a single, central body for cyber security at a national level. It provides advice for national cyber security incidents, carries out real-time threat analysis and provides tailored sectoral guidance.
Points of contact/interest:
Latest News from
National Cyber Security Centre
NCSC joins US partners to promote understanding and mitigation of Russian state-sponsored cyber threats13/01/2022 11:15:00
The NCSC supports CISA, FBI, and NSA advice in understanding and countering Russian cyber threats.
Public urged to protect themselves from online sales scams27/12/2021 12:12:00
Yesterday (26 December), the government urged the public to protect themselves from online sales scams through five actionable steps.
Government publishes blueprint to protect UK from cyber threats15/12/2021 15:10:00
National Cyber Strategy sets out how government will protect and promote UK interests in rapidly evolving online world
Seasonal scam warning for last minute Christmas shoppers14/12/2021 13:15:00
The NCSC urge last minute Christmas shoppers to stay safe online by following best practice guidance.
Four more tech innovators join NCSC for Startups07/12/2021 09:10:00
Pioneering tech companies will benefit from NCSC’s expertise and insights by joining the programme.
Update to the Cyber Essentials technical controls30/11/2021 16:25:00
In January 2022, the NCSC will introduce the biggest update to Cyber Essentials technical controls since its launch.
UK schoolgirls encouraged to enter new-look codebreaking contest24/11/2021 13:25:00
Register your team for the CyberFirst Girls Competition 2022 ahead of the opening round.
NCSC commits to improving equality, diversity and inclusion as report shows progress but room for improvement remains23/11/2021 13:05:00
This year's report measures industry-wide progress since 2020, and captured new benchmarks including disability, neurodiversity and seniority.