The UK and Singapore have launched guidance about ransomware.
The document is issued by the international Counter Ransomware Initiative. It urges businesses to follow four steps, ‘understand, identify, develop, and review’, to ‘significantly reduce the likelihood and impact of ransomware incidents’, both against themselves and within their supply chains. It gives the June 2024 example of a ransomware attack on Synnovis, a pathology supplier to several major NHS Trusts in the UK, ‘which led to substantial disruption across several hospitals’. Home Office Security Minister Dan Jarvis said: “Ransomware and cyber-attacks pose an immediate and urgent threat to our nation’s security and economy. We are taking decisive action to counter this threat, but global coordination is essential. Cybersecurity must be a top priority for all businesses. It’s vital that the counter ransomware guidance is followed and strong measures are taken to defend against these destructive attacks.”
UN Convention
Meanwhile the United Nations Secretary-General António Guterres attended the signing ceremony of the UN Convention against Cybercrime, in Hanoi, the capital of Vietnam. He described the convention as ‘a powerful, legally binding instrument to strengthen our collective defences against cybercrime’. Among countries that have signed are the UK, Australia and Canada, France, Germany and Spain; among those that have not are Russia, the United States and China.
Comments
AJ Thompson, CCO at Northdoor plc, an IT firm, says: “There is little doubt that supply chain attacks are now the most effective method cybercriminals are using to gain access to data and systems. The attacks against the high-profile targets over the past few months have really increased the spotlight on the attacks and should have acted as a wake-up call to all businesses.
“The issue is that most supply chains are now so large and complex, understanding where vulnerabilities lie within third parties or even further down the line is for most an impossible task. Therefore, advice from the Government is welcomed, but it needs to be more proactive, less bland, than what we have seen so far.
“Without insight as to where the weaknesses lie within supply chains, companies are essentially leaving the back door open, no matter what they spend on frontline defences.
“The advice from the Government is based on the traditional method of collecting information from supply chain partners, relying on questionnaires and the honesty and knowledge of the partner. Such an approach cannot provide the level of insight needed to protect against such sophisticated attacks.
“Many companies are instead turning to AI generated solutions that can provide a 360-degree view of where vulnerabilities lie within supply chains, giving them the information needed to ensure such gaps are closed before cybercriminals can take advantage of them.
“The Government and companies need to appreciate that the response to supply chain attacks needs to be on par with the sophistication that the cybercriminals are using. This does not mean a huge expense, but instead a new way of thinking about how to use technology to counter the threat, not hanging onto old, outdated methods.”
Proposals
The UK is proposing that its public sector bodies and operators of critical national infrastructure, the likes of the NHS, councils and schools, would be banned from paying ransom demands to criminals. Aben Pagar, Director at Konexo, says: “The UK’s ransomware payment ban for public sector bodies is arguably a necessary step in disrupting the financial incentives that fuel cybercrime. But it also marks a turning point for operational readiness. Organisations will no longer be able to pay to restore systems quickly, which means prevention and recovery capabilities must be watertight. Suppliers remain a key vulnerability, and the new guidance rightly focuses on them. As attackers evolve using AI and deepfakes, robust backups, tested incident response plans, and supplier resilience are now essential, not optional.”