ammonnews.net

Ammon News - The National Cyber Security Center (NCSC) has issued a call to action for institutions across the country, urging them to immediately report any suspicion of ransomware threats, in light of the recent surge in cyber attacks.

In a statement on Sunday, the Center revealed that numerous institutions targeted by ransomware fail to notify the authorities, thereby violating the Cyber Security Law, which mandates reporting of all cybersecurity breaches to the center.

"This crucial reporting enables the NCSC to take swift and necessary actions to contain the attack, prevent its propagation to other entities within the country, and leverage its resources to aid in the recovery of critical information and services," the statement added.

Recent findings by the Center indicate a significant surge in ransomware incidents impacting national companies, government entities, academic institutions, and private businesses across Jordan since the start of the current year. Such attacks have severely disrupted their operations, hampering their ability to deliver essential services and, in certain cases, leading to irrecoverable data losses.

The Center highlighted that particularly concerning instances are where entities lack comprehensive business continuity and disaster recovery plans. Regrettably, the extent of financial losses incurred by these institutions remains difficult to accurately quantify.

Additionally, the NCSC pointed to the existence of a specialized intelligence unit, working in collaboration with other security agencies, to gather and analyze intelligence on cyberattacks originating from international hacking and piracy groups targeting national institutions. This unit possesses the capability to monitor and trace these cyber campaigns, effectively identifying the affected national entities.

Consequently, the Center stresses the utmost importance of timely reporting from all national institutions, as it serves the greater national interest and offers considerable benefits to the victims.

To enforce compliance with cybersecurity protocols, the Cyber Security Law empowers the Center to impose financial penalties on entities found to be non-compliant with reporting regulations. As a consequence, the Center will not hesitate to impose fines on institutions failing to report cyber incidents, as such negligence poses a substantial threat to the country's cyber security.

Ransomware attacks represent a dangerous breed of malicious software used by cybercriminals. Once a computer or network is infected, the ransomware program immediately restricts access to the system or encrypts valuable data. The criminals responsible then demand a ransom, typically in the form of cryptocurrency such as Bitcoin, as payment for decrypting the data. Unfortunately, in many instances, even if the targeted institutions acquiesce to the demands and pay the ransom, successful data recovery remains uncertain.

Adding further complexity to these attacks, criminals have adopted a dual extortion approach, leveraging the threat of publishing or selling stolen information on illicit websites that exist within the dark web.