This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/ced61xv967lo
The article has changed 6 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| Have plans on paper in case of cyber-attack, firms told | Have plans on paper in case of cyber-attack, firms told |
| (32 minutes later) | |
| A cyber attack stalled production at Jaguar Land Rover factories in September, including at their Solihull site (pictured, file photo) | |
| People should plan for potential cyber-attacks by going back to pen and paper, according to the latest advice. | People should plan for potential cyber-attacks by going back to pen and paper, according to the latest advice. |
| The government has written to chief executives across the country strongly recommending that they should have physical copies of their plans at the ready as a precaution. | The government has written to chief executives across the country strongly recommending that they should have physical copies of their plans at the ready as a precaution. |
| A recent spate of hacks has highlighted the chaos that can ensue when hackers take computer systems down. | A recent spate of hacks has highlighted the chaos that can ensue when hackers take computer systems down. |
| The warning comes as the National Cyber-Security Centre (NCSC) reported an increase in nationally significant attacks this year. | The warning comes as the National Cyber-Security Centre (NCSC) reported an increase in nationally significant attacks this year. |
| Criminal hacks on Marks and Spencer, The Co-op and Jaguar Land Rover have led to empty shelves and production lines being halted this year as the companies struggled without their computer systems. | Criminal hacks on Marks and Spencer, The Co-op and Jaguar Land Rover have led to empty shelves and production lines being halted this year as the companies struggled without their computer systems. |
| Organisations need to "have a plan for how they would continue to operate without their IT, (and rebuild that IT at pace), were an attack to get through," said Richard Horne, chief executive of the NCSC. | Organisations need to "have a plan for how they would continue to operate without their IT, (and rebuild that IT at pace), were an attack to get through," said Richard Horne, chief executive of the NCSC. |
| Firms are being urged to look beyond cyber-security controls toward a strategy known as "resilience engineering", which focuses on building systems that can anticipate, absorb, recover, and adapt, in the event of an attack. | Firms are being urged to look beyond cyber-security controls toward a strategy known as "resilience engineering", which focuses on building systems that can anticipate, absorb, recover, and adapt, in the event of an attack. |
| Preferably the plans should be in paper form or stored offline, the agency suggests. | Preferably the plans should be in paper form or stored offline, the agency suggests. |
| Although the total number of hacks that the NCSC dealt with in the first nine months of this year was, at 429, roughly the same as for a similar period last year, there was an increase in hacks with a bigger impact. | Although the total number of hacks that the NCSC dealt with in the first nine months of this year was, at 429, roughly the same as for a similar period last year, there was an increase in hacks with a bigger impact. |
| The number of "nationally significant" incidents represented nearly half, or 204, of all incidents. Last year only 89 were in that category. | The number of "nationally significant" incidents represented nearly half, or 204, of all incidents. Last year only 89 were in that category. |
| A nationally significant incident covers cyber-attacks in the three highest categories in the NCSC and UK law enforcement categorisation model: | A nationally significant incident covers cyber-attacks in the three highest categories in the NCSC and UK law enforcement categorisation model: |
| Category 1: National cyber-emergency. | Category 1: National cyber-emergency. |
| Category 2: Highly significant incident. | Category 2: Highly significant incident. |
| Category 3: Significant incident. | Category 3: Significant incident. |
| Category 4: Substantial incident. | Category 4: Substantial incident. |
| Category 5: Moderate incident. | Category 5: Moderate incident. |
| Category 6: Localised incident. | Category 6: Localised incident. |
| Amongst this year's incidents, 4% (18) were in the second highest category "highly significant". | Amongst this year's incidents, 4% (18) were in the second highest category "highly significant". |
| This marks a 50% increase in such incidents, an increase for the third consecutive year. | This marks a 50% increase in such incidents, an increase for the third consecutive year. |
| The NCSC would not give details on which attacks, either public or undisclosed, fall into which category. | The NCSC would not give details on which attacks, either public or undisclosed, fall into which category. |
| But, as a benchmark, it is understood that the wave of attacks on UK retailers in the spring, which affected Marks and Spencer, The Co-op and Harrods, would be classed as a Significant incident. | But, as a benchmark, it is understood that the wave of attacks on UK retailers in the spring, which affected Marks and Spencer, The Co-op and Harrods, would be classed as a Significant incident. |
| One of the most serious attacks last year, on a blood testing provider, caused major problems for London hospitals. It resulted in significant clinical disruption and directly contributed to at least one patient death. | One of the most serious attacks last year, on a blood testing provider, caused major problems for London hospitals. It resulted in significant clinical disruption and directly contributed to at least one patient death. |
| The NCSC would not say which category this incident would fall into. | The NCSC would not say which category this incident would fall into. |
| The vast majority of attacks are financially motivated with criminal gangs using ransomware or data extortion to blackmail a victim into sending Bitcoins in ransom. | The vast majority of attacks are financially motivated with criminal gangs using ransomware or data extortion to blackmail a victim into sending Bitcoins in ransom. |
| Whilst most cyber-crime gangs are headquartered in Russian or former Soviet countries, there has been a resurgence in teenage hacking gangs thought to be based in English-speaking countries. | Whilst most cyber-crime gangs are headquartered in Russian or former Soviet countries, there has been a resurgence in teenage hacking gangs thought to be based in English-speaking countries. |
| So far this year seven teenagers have been arrested in the UK as part of investigations into major cyber-attacks. | So far this year seven teenagers have been arrested in the UK as part of investigations into major cyber-attacks. |
| As well as the advice over heightened preparations and collaboration, the government is asking organisations to make better use of the free tools and services offered by the NCSC, for example free cyber-insurance for small businesses that have completed the popular Cyber-Essentials programme. | As well as the advice over heightened preparations and collaboration, the government is asking organisations to make better use of the free tools and services offered by the NCSC, for example free cyber-insurance for small businesses that have completed the popular Cyber-Essentials programme. |