UK hit by more ransomware and cyberattacks last year than ever before

Britain’s central government, local government and utilities sector were each impacted by more ransomware attacks last year than in all previous years combined.

According to a recent update of the Information Commissioner’s Office (ICO) security incident trends data, 2023 set yet another record year for data breaches caused by cyber incidents, and for ransomware attacks in particular, which have increased year-on-year since records began in 2019.

It follows Recorded Future News previously revealing that within just the first six months of 2023, organizations operating critical IT infrastructure services in Britain had reported more incidents to government authorities in which cyberattacks had significantly disrupted their operations than in any year previously.

Although the uptick in ransomware incidents was not so exaggerated in other sectors as to have exceeded all previous years, the data suggests that 2023 was also a record year for the charitable and voluntary sector, the education and childcare sector, the financial sector, the legal sector, the online tech and telecoms sector, the retail sector, and for organizations in social care.

There are limitations to the ICO’s data. It does not provide a perfect view of how many attacks are taking place across the country as only those incidents which impact personal data are reported to the regulator. Even then the ICO has expressed concerns that organizations are not coming forward when they should.

Despite the limitations, the data is considered a good resource “in the absence of any other ransomware frequency metric or any other source of reporting,” according to Hans Allnutt, a partner at DAC Beachcroft who leads the law firm’s cyber risk practice, who spoke to Recorded Future News when we first examined the neglected dataset.

Jamie MacColl, a research fellow at the Royal United Services Institute (RUSI), has described it as  “likely the most comprehensive public dataset about the frequency of ransomware attacks in the UK.”

Beyond just ransomware attacks, cyber incidents hit a record number in the ICO’s data. There were 3,285 reported last year, a 52% increase on the 2,156 the year prior.

The ICO on Friday called for all organizations to do more to combat the growing threat of cyberattacks, fresh on the heels of the government disclosing that an attempt had been made to compromise the data of armed forces personnel from a payment system used by the Ministry of Defence.

Speaking to Parliament on Tuesday, Defence Secretary Grant Shapps said there was evidence of potential cybersecurity failings by the third-party contractor who ran the payment system “which may have made it easier for the malign actor to gain entry.”

In a statement on Friday, Stephen Bonner, the ICO’s deputy commissioner for regulatory supervision, said: “People need to feel confident that organisations are doing as much as they possibly can to keep their personal information secure. While cyber attacks are growing more sophisticated, we find that many organisations are not responding accordingly and are still neglecting the very foundations of cyber security.

“As the data protection regulator, we want to support and empower organisations to get this right. While there is no single solution to prevent cyber attacks, there is absolutely no excuse for not having the foundational controls in place.”