NCSC and ICO challenge myths around reporting cyber attacks
The misconceptions include the mistaken belief that reporting cyber attacks to the authorities makes it more likely the incident will become public, and that paying a ransom automatically makes the incident go away.
With cyber attacks continuing to cause significant disruption, the NCSC and ICO are concerned about incidents that go unreported, because every 'hushed up' case that isn't shared or fully investigated makes other attacks more likely, as no one can learn from it.
However, being open with the authorities will give victims access to expert support and advice and will be taken into account favourably by the ICO when considering their regulatory response.
The six ‘myths’ which the NCSC and the ICO have identified as commonly held by organisations that have fallen victim to cyber incidents are:
- If I cover up the attack, everything will be ok
- Reporting to the authorities makes it more likely your incident will go public
- Paying a ransom makes the incident go away
- I’ve got good offline backups, I won’t need to pay a ransom
- If there is no evidence of data theft, you don’t need to report to the ICO
- You’ll only get a fine if your data is leaked
Eleanor Fairford, NCSC Deputy Director for Incident Management, said: “The NCSC supports victims of cyber incidents every day, but we are increasingly concerned about the organisations that decide not to come forward.
“Keeping a cyber attack secret helps nobody except the perpetrators, so we strongly encourage victims to report incidents and seek support to help effectively deal with the fallout.
“By responding openly and sharing information, organisations can help mitigate the risk to their operations and reputation, as well as break the cycle of crime to prevent others from falling victim.”