💰💣

National Cyber Security Centre Security Incident

Friday 12 May 2017 3055 days ago Resolved

Incident Overview

Situation Description

The National Cyber Security Centre issued a statement following a global coordinated ransomware attack that affected thousands of organizations.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Government

Geographic Scope

Global

Response Actions

Shared Threat Intelligence Collaborated with Peers / Community Hardened Attack Surface Conducted Employee Training

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Primary Impacts

Operational Disruption

Key Decisions Made

Issued guidance on protecting organizations from ransomware, including keeping security software patches up to date, using proper anti-virus software, and backing up data.; Advised home users and small businesses to run Windows Update, ensure anti-virus products are up to date, and back up important data.; Collaborated with government, law enforcement, and private sector partners to manage disruption and increase protection against further attacks.

Technical Analysis

Attack Method

Unknown

Additional Information

Due to the cyber attacks that took place on Friday 12 May 2017, please see the following statement on behalf of Ciaran Martin, CEO of the National Cyber Security Centre. 'Since the global coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday, there have been no sustained new attacks of that kind.But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks. This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale. Our national focus must therefore be on two lines of defence. The first is to limit the spread and impact of the attacks that have already occurred.Due to broad government and partner efforts, a variety of tools are now publicly available to help organisations to do this.This guidance can be found on our homepage ncsc.gov.uk under the title Protecting Your Organisation From Ransomware: https://www.ncsc.gov.uk/guidance/ransomware-latest-ncsc-guidance . We know already that there have been attempts to attackorganisations beyond the National Health Service. It is therefore absolutely imperative that any organisation that believes they may be affected, follows and implements this guidance. We have set out two pieces of guidance: one for organisations and one for private individuals and SMEs which can be applicable regardless of the age of the software in question.It will be updated as and when further mitigations become available and we will announce when updates have been made on Twitter (@ncsc) and elsewhere. Secondly, it is possible that a ransomware attack of this type and on this scale could recur, though we have no specific evidence that this is the case.What is certain is that ransomware...

... (truncated for display)

Quick Facts

Company:: National Cyber Security Centre
Date:: Friday 12 May 2017
Status:: Resolved
Decision Maker:: Ciaran Martin
Position:: CEO
Published:: 12/05/2017

Source Information

Original Query

public statements from CEOs about ransomware attacks 2020..2025

View Original Source

Timeline

Information Published

12/05/2017

Incident Occurred

Friday 12 May 2017 (3055 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats