Ransomware fueled record year for UK cyber response

Attacks on health care were among the most predominant.
A member of staff poses for a photograph at a workspace in the National Cyber Security Centre on February 14, 2017 in London, England. (Photo by Carl Court/Getty Images)

The U.K. National Cyber Security Centre fought a record number of digital intrusions in the past year, the agency reported, driven by a surge in ransomware and hackers targeting the health care sector during the COVID-19 pandemic.

Over a 12-month period ending in September, the agency responded to 777 incidents, a more than 7% increase, the center said in its Nov. 17 annual report.

Ransomware kept the center busy, with officials handling the same number of incidents in the first four months of 2021 that it did in all of 2020, itself triple the number of incidents in 2019. That made ransomware the “most significant cyber threat facing the U.K. this year,” the report states. Still, businesses aren’t taking it seriously enough, National Cyber Security Centre CEO Lindy Cameron wrote.

“In my view it is now the most immediate cyber security threat to U.K. businesses and one that I think should be higher on the boardroom agenda,” she said.


The agency’s exhortations mirror the efforts of U.S. government officials who have begun applying regulatory and legislative pressure on industry to take action on ransomware, fueled by high-profile attacks over the summer at Colonial Pipeline, JBS and Kaseya.

Threats against the heath care sector were another key challenge for the U.K. agency. Of the 777 incidents it responded to, 20% were linked to the health sector and COVID-19 vaccines.

Sometimes the ransomware threat invaded that sector, with the center aiding the University of Oxford’s vaccine researchers in fending off an attempted ransomware attack “with the potential to cause significant disruption to the U.K.’s pandemic response.”

Supply chain attacks were another major source of work for the center, marked by the attacks on Microsoft Exchange servers and the U.S. federal contractor SolarWinds. China and Russia, which the U.S. blamed respectively for those attacks, continue to be the most advanced nations posing a threat in cyberspace, the report states.

Latest Podcasts