top of page

Is the social care sector at risk from ransomware?

Updated: Jan 24

Between April 2022 and March 2023, the UK was the second most attacked country in the world for ransomware according to research conducted by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. Ransomware attacks have continued as a significant threat last year and we predict they will continue to be so in 2024.

And, unfortunately for sectors such as social care, which continue to operate on less-sophisticated IT systems, with limited, if any cyber security protocols as well as valuable client data, they are easy targets.

What is ransomware?

This is a malicious attack against a network where the criminals get access to data and either steal it, threaten to delete it or encrypt it. The criminals will then demand a payment for the return of the data. Imagine how this could affect your social care organisation - personal data relating to your clients or staff, the operations of your business or contacts with others - these could all be compromised or lost.

The reality is that ransomware is now viewed as a business model and many entities behind these attacks will present themselves as being on the same side as the victim. So, in return for the payment your organisation will often be supported through a process which will return the data that has been encrypted / stolen. And yet, paying the ransom does not guarantee the return of the data and certainly does not mean that it won’t be sold on or published at some point in the future. Also, your network will still be infected, and you are more likely to be targeted again at another point in time.

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of data and permanent loss of reputation. But there are things you can do.

Can you protect yourself from these attacks?

Ransomware is always preceded by an attack on the network itself, commonly through use of stolen credentials, a phishing e-mail or brute force attack. These attacks are increasing in complexity and sophistication meaning that defence against these dark arts needs continual review. But the key points for protection to remember, are:

1.       Make your network resilient and practice good cyber hygiene – using Cyber Essentials (CE) principles. As a member of the WCRC we will guide you through the process of preparing for Cyber Essentials.

2.       Make sure staff awareness training is up to date – spotting a phishing e-mail early will prevent a lot of pain further on down the line. Have a look at the Cyber Ninja Training Scheme that focusses on increasing personal knowledge and organisational awareness of cyber safety and boost resilience.

3.       Make sure all staff know the symptoms of an ongoing ransomware attack and respond quickly to it using a prepared incident response plan.

4.       Identify common points of failure across the network – patch vulnerabilities and restrict access from malicious sites and IP addresses – the important thing is to understand where your main vulnerabilities are, then deal with them first.

What next?

Join our cyber community for free with our WCRC Core Membership where you will be supported through implementing the changes you need to make to protect your organisation further.



The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page