Ransomware attacks on UK organisations have doubled in the first half of 2021
And education is the hardest hit sector
The number of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 doubled compared to such incidents reported in the first half of 2020, according to a new analysis by the British cyber security and data analytics firm CybSafe.
CybSafe conducted the study to determine the nature of the security breaches reported to the British data regulator in 2020 and 2021.
It found that 22 per cent of all cyber incidents reported to the ICO in the first six months of 2021 were ransomware attacks, up from 11 per cent in the first half of the previous year.
Phishing was found to be the primary cause of all cyber breaches reported in the first half of the year, accounting for 40 per cent of all cyber incidents, compared to 44 per cent a year ago.
Education has been the hardest hit sector in 2021 so far, according to the analysis.
Ransomware attacks accounted for a third (32 per cent) of all cyber incidents targeting schools and universities in the first half of 2021, up from 11 per cent a year ago.
Educational institutions have become popular targets for ransomware gangs in the past one year as the pandemic has forced schools and colleges to switch to remote learning. As a result of increased attacks, many schools and colleges have lost their coursework, financial records and COVID-19 testing data.
Earlier this month, six schools on the Isle of Wight were hit by a ransomware attack that resulted in the encryption of their key data. In March, Birmingham College fell victim to a major ransomware attack affecting many of its core IT systems.
In May 2020, nearly 20 UK-based universities and charities were hit in a global ransomware attack that targeted US-based cloud computing provider Blackbaud.
Retail and manufacturing is another preferred target for cyber attacks, according to CybSafe study, which found that 20 per cent of all reported incidents this year targeted retail and manufacturing sector.
Commenting on the increasing number of ransomware attacks, Oz Alashe, CEO of CybSafe, said: "Ransomware, already a significant threat, has become increasingly prevalent over the past year."
"To combat this threat, we need to move beyond box-ticking awareness exercises and appreciate the human aspect of cyber security if we want to experience genuine behavioural change. These behaviours are the foundation of our defence against such malicious threats and will only grow in their importance over the coming years."
Last year, an analysis by CrowdStrike revealed that more than half of organisations that suffered a cyber-intrusion incident in 2020 were actually hit with a ransomware attack. CrowdStrike found that cyber intrusions were no longer a one-time event, as 68 per cent of organisations that suffered an intrusion in 2020 also experienced an additional attempt later.
US cyber security firm Emsisoft said last year that British firms were hit by nearly 5,000 ransomware attacks in 2019, forcing them to pay nearly £210 million in ransoms.
The UK was sixth on the list of high-value countries for cyber criminals, with the USA, in first place, paying $1.3 billion.