In their joint advisory, they reveal that the tactics of ransomware groups evolved last year. Trends observed in 2021 include:

• targeting organisations on public holidays and weekends

• attacking industrial processes and the software supply chain

• targeting cloud services

• disrupting work and shutting down services

• holding organisations to ransom until demands have been paid

• increased use of cybercriminal 'services-for-hire'

• sharing of victim information between different groups of cyber criminals

• diversifying approaches to extorting money

Businesses and organisations are encouraged to familiarise themselves with the risks and ensure their IT teams are taking the correct actions to bolster resilience.

The advisory suggests ways to mitigate risk of compromise by ransomware by implementing a requirement for multi-factor authentication, Zero Trust architecture, and a user training programme with phishing exercises.

The advisory follows the NCSC's recently launched Ransomware Hub, which is a one-stop shop for advice on how ransomware works, on whether a ransom should be paid, and how to prevent a successful attack.

UK organisations which fall victim to a cyber-attack should report the incident to the NCSC's 24/7 Incident Management team.

See: Joint advisory highlights increased globalised threat of... - NCSC.GOV.UK