{"id":22615,"date":"2025-02-24T14:09:54","date_gmt":"2025-02-24T14:09:54","guid":{"rendered":"https:\/\/interface.media\/?p=22615"},"modified":"2025-02-24T14:10:03","modified_gmt":"2025-02-24T14:10:03","slug":"tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups","status":"publish","type":"post","link":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/","title":{"rendered":"Tightening ransomware requirements from Home Office throw the spotlight on backups"},"content":{"rendered":"\n<p>Ransomware attacks are on the increase despite concerted international efforts to disrupt ransomware business models. According to the Apricorn annual survey of IT and security decision makers, the risk of ransomware is rising steadily. This year, 31% stated their organisation had <a href=\"https:\/\/interface.media\/blog\/2025\/02\/10\/how-to-minimise-the-impact-of-a-cyber-attack\/\">suffered an attack<\/a> over the past twelve months <a href=\"https:\/\/interface.media\/blog\/2025\/01\/27\/the-uk-must-modernise-its-cybersecurity-strategy\/\">in the UK<\/a>. This figure is a noticable rise compared to 24% in 2023. Ransomware is now the most sought-after type of cover when organisations take out cyber insurance. Double the number of respondents required ransomware cover in 2024, up from 16% in 2023.<\/p>\n\n\n\n<p>Attempting to break this pattern, the Home Office has launched a new <a href=\"https:\/\/www.gov.uk\/government\/consultations\/ransomware-proposals-to-increase-incident-reporting-and-reduce-payments-to-criminals\">consultation<\/a>. The document seeks opinions in response to three new proposals by April, 2025. The first entails a targeted ban on the payment of ransoms in the public sector and by critical national infrastructure. The second is a payment prevention regime. This would require victims to report plans to pay before doing so, which could potentially be blocked by the government. And third, the government would make mandatory the reporting of ransomware incidents.\u00a0<\/p>\n\n\n\n<p>It&#8217;s not yet clear if incident reporting will apply across the board to all commercial organisations. It&#8217;s possible a threshold will determine the scale of attack that must be brought to the government&#8217;s attention. If the latter, reporting will be encouraged even among those who fall out of scope. This will help the government understand the scale, type and source of ransomware threats.\u00a0<\/p>\n\n\n\n<p>The report itself will need to be filed within 72 hours of the attack. A full report will then need to be provided within 28 days. The initial report will need to contain details on whether the organisation can recover using its existing resilience measures, like if it can use backups to restore data and resume operations.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-failed-ransomware-recoveries\">Failed ransomware recoveries<\/h3>\n\n\n\n<p>Worryingly, this is often far more difficult than organisations think. Despite having backup processes in place, these are not always fully tested. This can mean that, when the time comes, data restoration is only partially successful.\u00a0<\/p>\n\n\n\n<p>The Apricorn survey found that 50% of respondents had to resort to using their backups to recover data last year. Of those, only half were able to so successfully. A quarter of respondents had to settle for partial recovery and 8% were unable to recover any data at all.\u00a0<\/p>\n\n\n\n<p>To make matters worse, ransomware attackers are also actively targeting those backups to thwart recovery.&nbsp;<\/p>\n\n\n\n<p>The <a href=\"https:\/\/go.veeam.com\/ransomware-trends-executive-summary-2024-emea?st=adwordspaidsearch&amp;utm_source=google&amp;utm_medium=cpc&amp;utm_campaign=01P-BRS-PMIX_EMEA_EN_UK_Paid-Search_WP_Ransomware-Trends-2024_1AW&amp;utm_content=cid%7C21369171990_ntw%7Cg_adgr%7C164302484780_creative%7C702208448282_ext%7C_adposition%7C_locph%7C1006472_dev%7Cc_devm%7C_placement%7C_gclid%7CCjwKCAjw_4S3BhAAEiwA_64YhnW95WnvnBL8LqAqGUa9LEa1qjrx_YZPdw94L7NmxxDboHDYqPhU_xoCs7wQAvD_BwE_keyword%7Cveeam%202024%20ransomware%20trends%20report_matchtype%7Ce_trgt%7C_exten%7C_trgid%7Ckwd-2312223512119_geoloc%7C_ifmob%7C_ifpc%7C%5bPC_Tablet%5d_gsn%7C%5bGSearchN%5d_gdn%7C&amp;gad_source=1&amp;gbraid=0AAAAADfmZ-NZl5AtNtk92e0df82JjLF4q&amp;gclid=CjwKCAjw_4S3BhAAEiwA_64YhnW95WnvnBL8LqAqGUa9LEa1qjrx_YZPdw94L7NmxxDboHDYqPhU_xoCs7wQAvD_BwE\">2024 Ransomware Trends<\/a>&nbsp;report found that 96% of ransomware attacks are now aimed at backup repositories. The Apricorn survey found automated backup to both central and personal repositories has surged to 30%, up from 19% the year before, which is a positive step as it means less are doing so manually, a practice which can see errors occur or the user simply forget to backup their data. But with those repositories now being actively targeted, it\u2019s clear that organisations need to make backups of their backups.<\/p>\n\n\n\n<p>This is precisely the thinking behind the 3-2-1 strategy. It advocates that data be backed up at least three times, with at least two copies of that data held on different media, one of which should be offsite.&nbsp;<\/p>\n\n\n\n<p>One copy of the data should be offline, for example, effectively airgapping the data and a good example of this would be on an encrypted removable hard drive that can be disconnected from the network. In this way, the organisation can guard against the risk of their backups being compromised.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-testing-the-process\">Testing the process<\/h3>\n\n\n\n<p>Taking such proactive measures provides a belt and braces approach to recovery but it\u2019s also important to diligently test the recovery process on a regular basis. The Apricorn survey found 9% of those questioned acknowledged their systems were not robust enough to allow a rapid recovery from an attack, indicating there is still work to be done in this regard.&nbsp;<\/p>\n\n\n\n<p>But those that do get to grips with improving their backups stand to reap additional benefits. For instance, the survey found a striking 46% of respondents now consider robust backup policies as the most important factor for meeting cyber insurance compliance, a substantial increase from 28% in 2023.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-it-s-better-not-to-pay-nbsp\">It\u2019s better not to pay&nbsp;<\/h3>\n\n\n\n<p>There\u2019s also a growing realisation that paying a ransom offers little guarantee of the business being reunited with its data. The <a href=\"https:\/\/www.semperis.com\/wp-content\/uploads\/resources-pdfs\/ransomware-report-2024.pdf\">2024 Ransomware Risk Report<\/a> found that over a third of victims (35%) either did not receive decryption keys or received corrupted keys leaving them unable to recover their data. What\u2019s more, they were often extorted multiple times. Of the 78% that paid the ransom, 72% paid multiple times and 33% four times or more. It\u2019s also commonplace for victims to be targeted again if they pay, with 74% reporting being attacked multiple times.<\/p>\n\n\n\n<p>It&#8217;s for these reasons that organisations\u2019 approach to ransomware has to change with a move away from negotiations and payments to more resilient business processes that make recovery possible. The <a href=\"https:\/\/www.ncsc.gov.uk\/guidance\/organisations-considering-payment-in-ransomware-incidents\">advice<\/a> from the Information Commissioner\u2019s Office (ICO) and National Cyber Security Centre (NCSC) has always been not to simply resort to payment and that doing so does not fulfil the organisation\u2019s regulatory obligations in terms of mitigating the risk posed to data.&nbsp;<\/p>\n\n\n\n<p>The recommendation was to report the incident but the introduction of mandatory reporting will now formalise that process. In doing so it will make organisations much more aware of the need to detail the resilience measures they have in place and hopefully that will translate into much more diligent backup strategies.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jon Fielding, Managing Director, EMEA, at Apricorn, looks at rising ransomware attacks and the impact of changing government policy on how to respond to a breach. <\/p>\n","protected":false},"author":480,"featured_media":22616,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"apple_news_api_created_at":"2025-02-24T14:10:00Z","apple_news_api_id":"3ac40b6d-f045-493d-b3b1-940076a3dcb2","apple_news_api_modified_at":"2025-02-24T14:10:00Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/AOsQLbfBFST2zsZQAdqPcsg","apple_news_cover_media_provider":"image","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_cover_video_id":0,"apple_news_cover_video_url":"","apple_news_cover_embedwebvideo_url":"","apple_news_is_hidden":"","apple_news_is_paid":"","apple_news_is_preview":"","apple_news_is_sponsored":"","apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":[],"apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[3],"tags":[],"topic":[613],"class_list":["post-22615","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-interface","topic-cybersecurity"],"acf":[],"apple_news_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.6 (Yoast SEO v26.6) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Tightening ransomware requirements from Home Office throw the spotlight on backups - Interface<\/title>\n<meta name=\"description\" content=\"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Tightening ransomware requirements from Home Office throw the spotlight on backups\" \/>\n<meta property=\"og:description\" content=\"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/\" \/>\n<meta property=\"og:site_name\" content=\"Interface\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-24T14:09:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-24T14:10:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1365\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Dan Brightmore\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dan Brightmore\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/\",\"url\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/\",\"name\":\"Tightening ransomware requirements from Home Office throw the spotlight on backups - Interface\",\"isPartOf\":{\"@id\":\"https:\/\/interface.media\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg\",\"datePublished\":\"2025-02-24T14:09:54+00:00\",\"dateModified\":\"2025-02-24T14:10:03+00:00\",\"author\":{\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\"},\"description\":\"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.\",\"breadcrumb\":{\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage\",\"url\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg\",\"contentUrl\":\"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg\",\"width\":1365,\"height\":768,\"caption\":\"Fantastic Radial Cell Structure Vector Turquoise Colour Abstract Background. Spreading Of Mysterious Alien Microorganism Psychedelic Drug Trippy Art Illustration. Unusual Liquid Structure Texture\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/interface.media\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tightening ransomware requirements from Home Office throw the spotlight on backups\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/interface.media\/#website\",\"url\":\"https:\/\/interface.media\/\",\"name\":\"Interface\",\"description\":\"Delivering World Class Content \u201cFrom Executive, For Executive\u201c\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/interface.media\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748\",\"name\":\"Dan Brightmore\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/interface.media\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g\",\"caption\":\"Dan Brightmore\"},\"url\":\"https:\/\/interface.media\/blog\/author\/dbrightmore\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Tightening ransomware requirements from Home Office throw the spotlight on backups - Interface","description":"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_GB","og_type":"article","og_title":"Tightening ransomware requirements from Home Office throw the spotlight on backups","og_description":"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.","og_url":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/","og_site_name":"Interface","article_published_time":"2025-02-24T14:09:54+00:00","article_modified_time":"2025-02-24T14:10:03+00:00","og_image":[{"width":1365,"height":768,"url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg","type":"image\/jpeg"}],"author":"Dan Brightmore","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Dan Brightmore","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/","url":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/","name":"Tightening ransomware requirements from Home Office throw the spotlight on backups - Interface","isPartOf":{"@id":"https:\/\/interface.media\/#website"},"primaryImageOfPage":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage"},"image":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage"},"thumbnailUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg","datePublished":"2025-02-24T14:09:54+00:00","dateModified":"2025-02-24T14:10:03+00:00","author":{"@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748"},"description":"Jon Fielding, Managing Director, EMEA, at Apricorn, looks at changing government policy on how to respond to a ransomware.","breadcrumb":{"@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#primaryimage","url":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg","contentUrl":"https:\/\/interface.media\/wp-content\/uploads\/sites\/3\/2025\/02\/iStock-1545674192.jpg","width":1365,"height":768,"caption":"Fantastic Radial Cell Structure Vector Turquoise Colour Abstract Background. Spreading Of Mysterious Alien Microorganism Psychedelic Drug Trippy Art Illustration. Unusual Liquid Structure Texture"},{"@type":"BreadcrumbList","@id":"https:\/\/interface.media\/blog\/2025\/02\/24\/tightening-ransomware-requirements-from-home-office-throw-the-spotlight-on-backups\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/interface.media\/"},{"@type":"ListItem","position":2,"name":"Tightening ransomware requirements from Home Office throw the spotlight on backups"}]},{"@type":"WebSite","@id":"https:\/\/interface.media\/#website","url":"https:\/\/interface.media\/","name":"Interface","description":"Delivering World Class Content \u201cFrom Executive, For Executive\u201c","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/interface.media\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/interface.media\/#\/schema\/person\/7c33499ca8e42b097028109cccb22748","name":"Dan Brightmore","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/interface.media\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9ca282f0ef431735a64685769ad57886e24b074c4c58314392755fb79164164?s=96&d=mm&r=g","caption":"Dan Brightmore"},"url":"https:\/\/interface.media\/blog\/author\/dbrightmore\/"}]}},"_links":{"self":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/users\/480"}],"replies":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/comments?post=22615"}],"version-history":[{"count":1,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22615\/revisions"}],"predecessor-version":[{"id":22617,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/posts\/22615\/revisions\/22617"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media\/22616"}],"wp:attachment":[{"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/media?parent=22615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/categories?post=22615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/tags?post=22615"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/interface.media\/wp-json\/wp\/v2\/topic?post=22615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}