Respond and recover from cyber attacks

Government, public services, education, healthcare, manufacturing, financial, energy and food supply sectors remain prime targets for cybercriminals, who continue to find new ways to home in on and attack these critical services.

The rapid evolution of technology, and use of AI, has provided cybercriminals with new skills to attack and exploit weaknesses in digital infrastructures.

Phishing and associated Malware and Ransomware attacks continue at scale and in some cases, increased complexity.

It is essential therefore that we are prepared, at all levels, as individuals and as organisations. We need to be aware of the threat and able to respond to and recover from a cyber-attack.

If as an individual or organisation you have been victim to a scam or ransomware attack, where your network, device or accounts might have been compromised and files are encrypted, the links below will provide you with resources to support recovery.

Respond & recover - NCSC.GOV.UK provides resources for you and your family, for sole traders, small organisations through to medium and large organisations supporting that awareness and recovery.

NCSC Early Warning - NCSC.GOV.UK is another free resource for organisations. Supported by their colleagues at the NCSC, it provides early notification to the presence of malware and vulnerabilities affecting your network. The service delivers an average of 2,000 alerts each month to its users, offering potentially invaluable time to detect and stop a cyber incident. This service will complement your existing security control and should not be used as your only layer of cyber defence.

If you are unsure whether to report the matter as a cyber incident, using the Report a Cyber Incident - Report a Cyber Incident - NCSC.GOV.UK guidance will support your decision making.

Additional resources

Small Business Guide: Cyber Security - NCSC.GOV.UK - The National Cyber Security Centre's (NCSC) Small Business Guide offers straightforward, cost-effective advice to help small businesses defend against common cyber threats. Recognising that small and medium-sized enterprises face a significant risk of experiencing a cyber security breach, the guide provides practical steps to enhance cyber resilience. By implementing these measures, businesses can significantly reduce their vulnerability to cyber-attacks. For more comprehensive protection, organisations are encouraged to consider the NCSC's Cyber Essentials certification and explore the 10 Steps to Cyber Security framework.

Incidents impacting retailers – recommendations from the NCSC - NCSC.GOV.UK - The NCSC has issued a warning to UK retailers about a surge in cyberattacks, particularly those involving impersonation of IT help desks. Criminal groups, such as Scattered Spider, have been using social engineering tactics to deceive IT personnel into resetting passwords, granting unauthorised access to critical systems. By adopting these measures, retailers can bolster their defences against evolving cyber threats.

Cyber Security toolkit for retail - The British Retail Consortium, in collaboration with the NCSC, has developed the Cyber Resilience Toolkit for Retail to assist retailers in strengthening their cyber defences. This practical guide is tailored for business leaders, board members, and startups, offering actionable steps to mitigate cyber threats. By following the guidance provided, retailers can enhance their cybersecurity posture, ensuring better protection for their operations and customer data.

Secured by Design - Internet of Things – IoT Cyber Security Advice - Secured by Design, the official UK police security initiative, provides comprehensive cyber security guidance for Internet of Things devices to help consumers and businesses mitigate cyber threats.

Cyber Essentials - Cyber Essentials - The IASME Cyber Essentials scheme is a UK government-backed certification designed to help organisations of all sizes protect against common cyber threats. Achieving Cyber Essentials certification not only enhances an organisation's cyber security posture but also demonstrates commitment to protecting data, which can be advantageous when bidding for contracts that require such certification.

Police CyberAlarm - Police CyberAlarm is a free, government-funded service supported by UK police forces to help organisations monitor and report suspicious cyber activity. Since its launch, it has identified over a billion suspicious events, providing members with actionable intelligence to prevent cyberattacks.

If you have been a victim of crime, and it is not an ongoing emergency, you can report this to Police Scotland on 101.