NCSC Reiterates Increased Cyber Vigilance for Companies While Lauding NCA's LockBit Crackdown

The National Cyber Security Centre (NCSC) lauded the efforts of the UK's National Crime Agency (NCA) and its partners to crackdown on the LockBit ransomware group on Tuesday.

Along with this, NCSC reiterated its call for UK businesses to step up their cybersecurity efforts to protect themselves from ransomware attacks.

Jonathon Ellison, the NCSC's Director for National Resilience and Future Technology, thanked the NCA and its allies for their work in infiltrating cybercriminals, both in the UK and worldwide.

Ellison pinpointed that ransomware still poses a real danger to UK businesses, causing financial losses, disrupting operations and harming reputations.

"We urge all organisations to follow the guidance on the NCSC website to help reduce their risk of falling victim and to ensure they are well-prepared to respond effectively if the worst happens," he stated.

LockBit, which has been active since 2019, has been engaged in various cyber-attacks. Notable cases include the release of 43GB of stolen Boeing data, the breach of 200GB of Bangkok Airways data which affected its passengers, disruptions in RoyalMail's international deliveries, and attacks on the Industrial and Commercial Bank of China. According to US government reports companies across the country have paid the LockBit gang a total of $91 million as ransom.

With four arrests made using a huge amount of data recovered from the hackers, officials guaranteed on Tuesday to repurpose the technology to reveal the group's actions to the public.

A joint effort led by the UK and US law enforcement has made significant progress in tackling LockBit, known to be one of the most dangerous cybercrime groups in the world, with ties to Russia. This operation, named 'Cronos', has disrupted LockBit's operations, resulting in the seizure of vital infrastructure and decryption keys needed for victims to recover their systems.

Graeme Biggar, Director General of the NCA hailed this as a major win against cybercrime, announcing the disruption and amalgamation of LockBit's network and services.

"As of today LockBit is effectively redundant, LockBit has been locked out," Biggar said.

NCA, on the other hand, has announced a months-long effort with international partners to counter the danger presented by the LockBit ransomware attack.

This followed the NCSC's assessment last year, which listed LockBit as the primary ransomware threat in the UK through 2022.

The NCSC has issued a number of suggestions as well as guidelines to help companies understand, mitigate and respond to ransomware attacks.

Earlier, the British cybersecurity agency had alerted companies nationwide following a software breach that exposed the personal information of employees in leading businesses.

Among the initial major targets of this cyberattack were the BBC, British Airways and several other firms. The breach exploited a critical vulnerability in widely used file transfer software called Moveit. The group responsible for the breach, suspected to be the Clop ransomware group, openly threatened to expose stolen data, including sensitive personal details like names and home addresses, on their dark website.

Not only ransomware, but NCSC has also been releasing reports on the growing malicious cyber activities being carried out using Artificial Intelligence and Deepfakes. AI will enable the relatively unskilled threat actors to enhance their abilities lowering the barrier of entry for amateur cybercriminals, hackers-for-hire and hacktivists. Top of Form

The NCSC report indicated that the increasing capabilities of cybercriminals, facilitated by AI services, are anticipated to impact not only cyber fraud but also instances of child sexual abuse.

On the other hand, the UK Government has allocated £2.6 billion towards its Cyber Security Strategy, prioritising the bolstering of the nation's resilience to address this evolving threat.

The NCSC has also integrated AI technologies to enhance threat detection and embed security measures from the outset by collaborating with the private sector, henceforth ensuring proactive protection against cyber threats.