Ransomware remains the biggest online threat to UK business

As cyber security threats are a common occurrence, what should DPOs know about ransomware and responding to demands? By Laura Linkomies.

Companies are advised to take proactive steps to avoid a ransomware attack. This may not be many DPOs’ bread and butter, but they evidently get involved, not least because of the requirement to notify the ICO of a data breach within 72 hours of it taking place. But what should a data protection professional know about preventing attacks, mitigating harms and communicating with colleagues?

Ransomware attacks are increasingly common against companies of all sizes and in all industries, and this topic was therefore of great interest at the Privacy Laws & Business 2022 Annual International Conference.

Christian Heggen, Strategic Threat Advisor at CrowdStrike, spoke about the nature of these attacks. He said that threats can be categorised according to their perceived motives. There are attacks seeking disruption at military or nation-state level, financially motivated e-crimes, and attacks motivated by activism. He said that in 2021 they witnessed ransomware attacks carried out purely for destructive reasons, i.e. there was no financial motivation. There have also been changes in e-crime; dedicated ransomware gangs are attacking large organisations.

