The government has issued a recommendation to business leaders across the UK to maintain physical copies of their operational plans to prepare for potential cyber-attacks. This advice is prompted by a recent surge in cyber incidents that have caused significant disruptions, such as the attacks on Marks and Spencer, The Co-op, and Jaguar Land Rover, where companies faced empty shelves and halted production due to compromised computer systems.
The National Cyber Security Centre (NCSC) noted an increase in serious cyber incidents this year, classifying 204 of the 429 reported attacks as “nationally significant.” This category encompasses the three highest levels of severity in their incident classification framework, which includes national emergencies and highly significant events. Notably, the number of highly significant incidents has risen by 50% compared to previous figures.
In response to the growing threat landscape, Richard Horne, chief executive of the NCSC, emphasized the importance of organizations being prepared to operate without IT systems and to have strategies in place for swift recovery following an attack. The NCSC advocates for a shift toward “resilience engineering,” which emphasizes developing systems capable of anticipating and recovering from cyber threats.
The agency recommends that businesses keep contingency plans in offline formats to mitigate risks associated with digital disruptions. While the total number of cyber incidents remains relatively stable year-over-year, the proportion of high-impact attacks has notably increased.
Financially motivated attacks remain the core focus for perpetrators, often involving ransomware and data extortion tactics. A rising concern includes the emergence of teenage hacking groups from English-speaking countries, alongside more established criminal organizations primarily based in Russia and former Soviet regions. This year, seven teenagers in the UK have been arrested in connection with major cyber incidents. The government encourages organizations to utilize available resources, such as free services and cyber insurance options provided by the NCSC, particularly targeting small businesses participating in the Cyber Essentials initiative.
Source: https://www.bbc.com/news/articles/ced61xv967lo?at_medium=RSS&at_campaign=rss