Cyber Security Unity Logo

info@csu.org.uk

}

Mon/Fri | 9am to 5pm

0800 722 0155

NCSC and ICO call on Legal Profession to Support Position on Ransomware Payments

by | Aug 7, 2022 | Threat Reports | 0 comments

Cyber Security Unity is a global community and content hub that is dedicated to bringing individuals and organisations together who actively work in cyber security. The aim of Cyber Security Unity is to foster greater collaboration in the industry to help combat the growing cyber threat. Our work is showcased through the provision of strong thought leadership via blogs, articles, white papers, videos, events, podcasts and more. For more information visit www.csu.org.uk.

Related Posts

Ransomware is the biggest online threat to UK organisations and, worryingly, we’ve seen evidence of a rise in payments to criminals behind these attacks.

That’s why the NCSC and the Information Commissioner’s Office have called for help from the Law Society, after concerns that some victims were being advised by legal teams to pay.

Though it may be tempting to pay to get systems back up and running quickly, it’s important to remember that UK Government does not encourage nor condone the payment of ransoms. There’s no guarantee you’ll get your data back and your systems could be compromised again in future. Paying a ransom doesn’t mean you’ll get a lower penalty from the ICO or be looked upon more favourably in any regulatory action.

The NCSC has a wide range of guidance on mitigating the ransomware threat, for example advising companies to keep offline back-ups. All of our advice can be found on the ransomware pages. The ICO’s recently updated ransomware guidance can be found on its website.

Google urges Android partners to apply latest security patches

Google has detailed their latest patches for Android systems in their monthly security bulletin.

Among the 37 flagged vulnerabilities in the August bulletin is a critical security flaw that could lead to remote code execution via Bluetooth with no additional execution privileges required.

The flaw, being tracked as CVE-2022-20345, has been patched on Android 10, 11, 12, and 12L and Google advises users running earlier versions to check and update their Android version as soon as they can.

The bulletin lists other high severity issues, many of which could lead to disclosure of sensitive information and/or privilege escalation.

Google has encouraged all Android partners to fix the issues listed and bundle them together in a single update for users.

Installing the latest software and app updates as soon as they are available helps keep devices safe from online threats. The NCSC has published advice to help individuals do this promptly, alongside more top tips for staying secure online.

Cyber Security Unity

Cyber Security Unity is a global community and content hub that is dedicated to bringing individuals and organisations together who actively work in cyber security. The aim of Cyber Security Unity is to foster greater collaboration in the industry to help combat the growing cyber threat. Our work is showcased through the provision of strong thought leadership via blogs, articles, white papers, videos, events, podcasts and more. For more information visit www.csu.org.uk.

Share This

Share This

Share this post with your friends!