Summary of the NCSC’s latest report on Ransomware

Published: 15 November 2023

A new report released by the NCSC (National Cyber Security Centre) and the NCA (National Crime Agency) has highlighted the shift in cyber-attacks towards a “Ransomware-as-a-Service” (RaaS) Model. The reasons for this strategy change, which has been prevalent since 2017, is to Maximise Profits and increase efficiency for cybercriminals. “RaaS” can be defined as a cybercrime business model where a ransomware group or gang sells ransomware code to other hackers who then use it to carry out their own attacks. This poses a significant risk to any business as it increases the number of people capable of inflicting a ransomware attack. The focus on maximising efficiencies and profits has seen cybercriminals become dependent on a complex ‘Cyber Crime Ecosystem’. This blog with delve into the significance of Ransomware, the cybercrime ecosystem and how to get in touch with Xperience for help.

RaaS an ever-present threat in 2023

Ransomware attacks have been growing in occurrence since 2017, and the increase in ransomware as service offerings has meant that an advanced knowledge of computing is no longer necessary for cyber criminals to carry out an attack. The UK is a top target for Ransomware attackers due to our businesses and institutions being among the foremost in the world. We have large amounts of capital, information, and a lot to lose if widespread disruption is caused. This news should not be taken lightly as any business can be a target. Ransomware is the method of choice for hackers as they can easily target victims with security patches and outdated operating systems. This makes the attack an efficient method for hackers as it is low effort high reward in some cases.  There have been some reports of Ransomware attacks happening in as little as 45 minutes.

Cyber Crime ecosystems

Most large-scale Cyber-attacks that reach the press and are focused on enterprise level businesses or large institutions and are carried out by complex teams of nefarious actors however this report highlights that there are several smaller, less organised groups that offer criminal services. These smaller groups often work and support one another trading their services on illicit forums and marketplaces; much like an ecosystem.

RaaS has allowed these smaller companies to work together to make a large impact, as they do not have to go through the process of hacking a business, the “customer” pays to launch the Ransomware attack that has been developed and proven in the background similar to purchasing software for your business. This makes the technical skills barrier to entry lower for aspiring cyber criminals. With this increased risk it is important to have appropriate measures in place, through the development of a clear cyber security strategy. The report goes on to describe how opportunistic attacks are much more common than premeditated and planned ones, other reports separate from the NCSC’s echo this claiming “muggings are more common than multi-million pound heists”, again highlighting the risk to any business of any size and complexity.


The NCSC’s report has highlighted the current threat of Ransomware in today’s world. Cyber criminals have been using this method for a number of years now and with services such as RaaS being so popular it is showing no signs of slowing down. The NCSC report does highlight that since circa 2018 businesses have been getting better at preparing for and responding to threats, but the people who do fall victim usually have neglected their Cyber hygiene; highlighting the need for strong defence policies.

If you would like to learn more about the threat of Ransomware, and how we can help then we encourage you to reach out to our Cyber Security team for a consultation call.


Read More

The limitations to Edge Defence and Anti-Virus Software

3 June 2024

Edge Defence and Anti-Virus Software: Why you need more in your cyber armour to protect your business in 2024.

Why using multiple layers of backup is a necessity

11 April 2024

It's important to backup. Ransomware risks continue to rise and files can become corrupted. Read our blog to find out more.

MFA: why you need additional Cyber Security defence  

14 March 2024

MFA (Multi Factor Authentication) is a great tool for adding an extra cyber protection, however it's not enough on its own.

Is an annual penetration test really necessary?

13 March 2024