Clearswift’s Alyn Hockey explains why the public sector needs to tighten its cyber security to protect itself against ransomware.
It is more than three years since the WannaCry ransomware cryptoworm emerged. It caused enormous damage to organisations all over the world, but the UK public sector was among the worst hit, with the NHS suffering a reported £92M loss.
Since then, the UK public sector has made significant improvements in how it defends itself against ransomware and in its broader cyber security. However, cyber criminals are better organised and more professional than ever, and the threat they pose is constantly evolving. The recent pandemic has made that particularly clear – coronavirus-based phishing attacks have increased dramatically, and the public sector is perhaps more vulnerable to ransomware than at any other time over the past three years.
A lack of ransomware awareness
A recent Clearswift report, The Unknown Threat, surveyed 1,000 UK public sector employees about their understanding of cybersecurity and how they behaved with regard to cybersecurity in the workplace. It found that almost half of respondents have either not heard of ransomware or do not know what it is.
Despite phishing emails being an incredibly common vector for delivering ransomware attacks, 25% of public sector workers have either not heard of phishing or do not know what it is. If people are not aware of a problem, then it stands to reason that it could be hard to defend against.
This lack of awareness is made worse by a lack of training – 77% of our respondents have been given no instruction on how to recognise ransomware, while 16% have had no cybersecurity training whatsoever.
Addressing the problem
Strong cybersecurity should always be about a combination of people, processes and technology. Ransomware is such a significant problem that the people who work within the public sector need to know exactly what it is and how to recognise it. This need not be a lengthy or involved training programme; it is more a question of providing people with regular updates and refreshers.
Advanced email and web security solutions can also play an important role in public sector cyber security by detecting and removing threats, such as malicious links in emails and attachments or in documents downloaded from the web, and disabling the URLs before they can cause any harm. This automatic sanitisation protects staff from mistakenly clicking on malicious links.
Cyber security in the public sector has made great advances, but given the ongoing and growing threat posed by cyber criminals, there is always room for improvement. Communicating clearly about the dangers of ransomware as part of a broader look at overall cyber security strategy is a sensible place to start.