Cyber security news roundup: February 2022

Published on: 1 Mar 2022

We're rounding up some of the biggest cyber security stories of the past few weeks. In February, the war in Ukraine raised fears of cyber attacks against targets in the west, the NCSC issued a new alert about ransomware, and a government report highlighted the success of the UK's cyber security sector.

Firms urged to be prepared for new cyber attacks

Businesses throughout Europe and the US have been warned to be prepared for the possibility of increased cyber attacks as tensions between the west and Russia remain high due to the invasion of Ukraine.

The National Cyber Security Centre (NCSC) has called on organisations in the UK to improve their online defences, highlighting its guidance for times of heightened cyber threats. While the body, which is part of GCHQ, said it is not aware of any specific threats, it noted there has been a "historical pattern of cyber attacks on Ukraine with international consequences".

Elsewhere, US banks were also urged to check their resilience and contingency plans, with cyber security experts warning they could be particularly targeted for retaliatory attacks in the wake of new financial sanctions aimed at Moscow.

NCSC alert highlights latest ransomware trends

Businesses are set to face "increasingly sophisticated" ransomware attacks from criminal gangs, according to a new advisory issued jointly by the NCSC and its counterparts in the US and Australia.

The warning noted growing use of criminal 'ransomware for hire' services in the last 12 months, as well as increased sharing of victim information between different groups of cyber criminals, and a greater variety of methods used to extort money from victims.

Chief executive of the NCSC Lindy Cameron said: "Ransomware is a rising global threat with potentially devastating consequences but there are steps organisations can take to protect themselves. I strongly encourage UK CEOs and boards to familiarise themselves with this alert and to ensure their IT teams are taking the correct actions to bolster resilience."

UK cyber security sector enjoys record investment

The UK's cyber sector saw its busiest ever period in 2021, with revenue generated by these firms rising by 14 per cent to over £10 billion and a further 6,000 new cyber security jobs created, taking the number of professionals in this field to above 52,000.

This is according to the UK government's new Annual Cyber Sector Report, which found there were 1,838 active cyber security firms in the UK last year, of which more than half were based outside of London and the south-east. While around 300 UK firms have offices in international markets, the country also attracted overseas investment, with one in ten UK-based cyber companies headquartered in the US.

Digital secretary Nadine Dorries commented: "Cyber security firms are major contributors to the UK’s incredible tech success story. We are investing in skills training and business initiatives to help the UK go from strength to strength as a global cyber power and open up the sector to people from all walks of life."

Nvidia reports 'wide-ranging' cyber attack

US-based chipmaker Nvidia confirmed that it had experienced a wide-ranging ransomware attack on its networks that led to up to two days of outages in its email systems and tools used by developers.

According to the Telegraph, the company was "completely compromised" by the attack, although in a statement, Nvidia said its "business and commercial activities continue uninterrupted". Reports online suggested a South American-based hacking group has claimed responsibility for the attack and had around 1TB of data, including employee passwords.

There were also reports that the company had responded to the hack with an attack of its own, launching its own ransomware in an effort to delete the stolen data. Emsisoft threat analyst Brett Callow told ZDNet that while not common, this type of response has been seen before, noting: "Deploying ransomware on the attackers' network may prevent them from leaking whatever data they exfiltrated."