British intelligence is tipping off ransomware targets to disrupt attacks
On average, every 72 hours for the past three months, cyber experts inside one of the United Kingdom’s security and intelligence services have detected the beginnings of a new ransomware attack against a British organization and then tipped off the target in a bid to prevent the attack from being executed.
The experts have built a unique system using the intelligence community’s access to several information feeds unavailable to anyone else — alongside public, commercial and closed-source inputs — that has almost certainly prevented a significant number of ransomware attacks from succeeding, according to multiple sources who briefed Recorded Future News on the condition of anonymity.
They say the free system, called Early Warning — run by the National Cyber Security Centre (NCSC), a part of GCHQ — could help a larger number of U.K. organizations tackle cybersecurity threats before they become full-blown incidents. But more organizations need to sign up to receive these alerts, the sources said.