18 Incidents in 2022 Will Require Nationally Coordinated Mitigation, according to the Security Agency. According to the country’s cybersecurity agency, Attacks by ransomware against U.K. hospitals and schools remain the top cybersecurity danger country in 2022. And these assaults are projected to increase in the coming months.

While there was an increase in attacks in the UK, including spear-phishing and other low-level attacks, ransomware attacks against the country’s critical infrastructure continued throughout the year. In total, 18 incidents in the UK required national-level coordination to remove the malware from systems.

According to the National Cyber Security Centre’s 2022 cyber threat report. They include attacks on a provider of the nation’s national emergency helpline and a water supply firm in South Staffordshire.

The growth of ransomware-as-a-service organizations, according to the NCSC, is to blame for the rise in ransomware assaults. These organizations, the NCSC claims, are giving power to less experienced attackers. And group affiliates who would otherwise be unable to use complex software. According to NCSC, these services have given a wider variety of hackers access to numerous attack avenues.

Additionally, less experienced hackers are already arming themselves with cutting-edge incursion tools like military-grade spyware and commercially available cyber surveillance equipment. These tools have lowered entry into cybercrime and will inevitably aid in corporate espionage and ransomware assaults against the United Kingdom. businesses.

According to Lindy Cameron, CEO of the National Cyber Security Centre, “Ransomware remains the most serious threat that businesses and organizations in the U.K. face. These attacks have real-world repercussions, and it is crucial that organizations treat them as genuine, board-level risks to be managed.

The Affected Organizations

The organizations noted the 2021 discovery of the Log4J vulnerability that ransomware hackers actively weaponized within months of its exposure. There is another significant attack vector causing an increase in ransomware outbreaks. Multiple software versions are affected by the JavaScript bug, which when exploited allows remote code execution.

The ransomware organizations that are successful in using Log4j to target victims around the world are TellYouThePass, Conti, and Khonsari.

The NCSC claims a spike in ransomware attacks as a result of geopolitical tensions resulting from Russia’s invasion of Ukraine.

According to NCSC, “the major ransomware criminal organizations that target the U.K. continue to be situated in and around Russia. While the extent of the Kremlin’s control over these ransomware groups is unclear. Those operating within Russia’s borders profit from the country’s covert approval.

Hackers use the data extortion model for the bulk of ransomware operations in the U.K. last year to persuade victims to pay more ransom. In order to deter other attacks, the NCSC advises companies and other ransomware victims to refuse to pay the ransom.