Ransomware is the most significant cybersecurity threat facing the country today, but many businesses still aren't taking the threat as seriously as they should be, the National Cyber Security Centre (NCSC) has warned. 

In its newly published annual review, the NCSC -the cybersecurity arm of intelligence agency GCHQ -details the incidents and threats the UK has faced during the past 12 months, including cyberattacks against the health service and vaccine developers during the coronavirus pandemic, state-sponsored cyber-espionage campaigns, phishing scams and more.  

See also

Ransomware: An executive guide to one of the biggest menaces on the web

Everything you need to know about ransomware: how it started, why it's booming, how to protect against it, and what to do if your PC is infected.

But, because of the likely impact a successful attack could have on essential services or critical national infrastructure, it's ransomware that is viewed as the most dangerous cyber threat -and one that more leadership teams need to think about.

SEE: A winning strategy for cybersecurity (ZDNet special report) 

"One of the trends that the NCSC has seen over the last year was a worrying growth in criminal groups using ransomware to extort organisations. In my view it is now the most immediate cybersecurity threat to UK businesses and one that I think should be higher on the boardroom agenda," said Lindy Cameron, CEO of the NCSC.  

The number of ransomware attacks has grown significantly during the past year, reaching the same number of incidents in April 2021 as there had been in all of 2020. 

"In the first four months of 2021, the NCSC handled the same number of ransomware incidents as for the whole of 2020 -which was itself a number more than three times greater than in 2019," said the NCSC report. 

The severity of some ransomware attacks means organisations can take a long time to recover. The NCSC paper notes that Hackney London Borough Council suffered significant disruption to services when a cyberattack resulted in IT systems being down for months, affecting the availability of local services, and requiring a recovery that cost millions of pounds.  

Alongside local governments, universities have been a common victim of ransomware attacks, to the extent the NCSC has issued specific advice on how these institutions can protect themselves against attacks. 

"In the UK there was an increase in the scale and severity of ransomware attacks, targeting all sectors from businesses to public services. In response, the NCSC has identified and mitigated numerous threats, whether committed by sophisticated state actors, organised criminal groups or lone offenders," said Sir Jeremy Fleming, director of GCHQ.  

In total, including ransomware attacks, the NCSC has helped handle 777 incidents during the past year, up from 723 on the previous year and an average of 643 a year since the NCSC launched in 2016. 

Security

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next

But while ransomware is a significant and ever-evolving threat, there are measures that organisations can take to help avoid falling victim to an attack, or lessen the impact should the network be compromised by file-encrypting malware. 

SEE: Ransomware: It's a 'golden era' for cyber criminals - and it could get worse before it gets better

As detailed by the paper, the most common entry point for ransomware attacks are remote desktop protocol (RDP) attacks, where hackers take advantage of insecure RDP configurations to gain access to the network. Organisations can counter this by encouraging users to use unique, difficult-to-guess passwords