On Sunday, the National Center for Cybersecurity called on institutions that are exposed to ransomware attacks to inform the center to contain the incident.

The center said in a statement: The National Center for Cybersecurity noted that many institutions that are exposed to ransomware attacks do not inform the center of this, in violation of the cybersecurity law, which obliges all parties in the public and private sectors to inform the center when they are exposed to any cybersecurity incident even He is able to take the necessary measures to contain the incident and ensure that it does not spread to other parties in the Kingdom, as well as to benefit from the capabilities of the center in helping these parties to recover from attacks and restore their information and services.

The center indicated a significant increase in the number of ransomware incidents that national companies and institutions have been exposed to since the beginning of the current year 2023, compared to previous years, as governmental and academic agencies and private sector companies were subjected to many ransom attacks, which affected the work of these agencies and their ability to provide their services. And its activities, and to the loss of its information in some cases, especially those agencies that do not have plans for business continuity and disaster recovery plans, in addition to the material losses incurred by these agencies and for which accurate statistics are not available.

The center stated that it has a specialized intelligence unit that, in cooperation with other security agencies, collects and analyzes intelligence related to the breaches that national institutions are exposed to by international hacking and hacking groups. The national authorities need to report the accidents that they are exposed to, because this is in the national interest and a great benefit for them.

The Cyber ​​Security Law granted the Center the powers to impose financial fines on entities that do not comply with the law, regulations, and instructions issued pursuant thereto, and the Center will fine entities that do not report cyber incidents to which they are exposed, because that would harm and endanger national cyber security.

Ransomware is a type of malware (malicious software) used by cybercriminals, and if a computer or network is infected with ransomware, that program blocks access to the system or encrypts existing data, then criminals demand a ransom, usually In bitcoins, they are paid by their victims in exchange for decryption of the data, and in many cases, organizations do not succeed in recovering their information even if they pay and get the decryption keys.

Criminals use double extortion by threatening to publish and sell information obtained through hacking on illegal sites spread on the dark web (darkweb).

(The kingdom)