The Gibraltar Regulators Forum, composed of the Gibraltar Regulatory Authority, the Gibraltar Financial Services Commission, the Legal Services Regulatory Authority, the Gibraltar Gambling Division, and the Gibraltar Financial Intelligence Unit, has released the results of a comprehensive ransomware survey, providing critical insights into the prevalence, impact, and preparedness of organisations in Gibraltar against ransomware attacks.
The Financial Action Task Force (FATF) has recently highlighted the risks of cyber-enabled fraud and ransomware, which are now among the most profitable crimes globally.
Here are some of our key findings:
◾ Ransomware is perceived as a significant threat by most organisations, with 79% of respondents expressing concern, indicating widespread acknowledgment of the risks associated with ransomware attacks.
◾ 73% of respondents view "professional criminals" as the predominant threat actors behind ransomware attacks, while 21% believe these attacks are "state-sponsored". Only 6% think "novice criminals" are the primary actors, indicating a general understanding of the sophisticated nature of ransomware threats.
◾ 80% of organisations in Gibraltar have designated a department or individual responsible for cybersecurity, 68% have identified and documented the risks, and 74% have provided relevant training to staff. Despite these efforts, only 24% have a strict no-payment policy regarding ransom demands and 54% do not have a formal policy.
◾ Preventative measures such as antivirus software, data backup and recovery procedures, and regular software updates are well adopted. However, nearly half of the organisations (47%) lack a formal incident response plan, which could lead to inadequate responses during an attack.
◾ A number of organisations in Gibraltar reported being victims of ransomware attacks, with a few experiencing one attack or two attacks. Most attacks were initiated through email phishing, with others resulting from unpatched software or third-party suppliers. The impact of these attacks varied, with productivity loss, system downtime, and financial losses reported. Interestingly, no organisations paid ransom demands, and most were able to restore lost data from backups.
◾ While many organisations have implemented fundamental preventative measures, gaps in preparedness remain, particularly in incident response planning and policies on ransom negotiation. The variability in cybersecurity practices across organisations highlights the need for continued efforts to strengthen cybersecurity measures.
The Survey's results provide valuable insight into the current state of ransomware preparedness within Gibraltar, revealing both strengths and vulnerabilities. The Gibraltar Regulators Forum is grateful to those organisations and individuals who have supported the Survey and looks forward to conducting further research in the future.