Ransomware biggest online threat to people in UK says NCSC chief

G7 nations also pledge to work together “to urgently address the escalating shared threat”

Posted 15 June 2021 by Christine Horton

Ransomware is the biggest online threat to people in the UK, according to the head of the National Cyber Security Centre (NCSC).

Lindy Cameron, chief executive of the NCSC, said that ransomware is escalating and becoming increasingly professionalised.

Her comments were originally reported by The Guardian ahead of a speech Cameron was making Monday to the Rusi thinktank.

Cameron will say that while spying online by Russia, China and other hostile states remains a “malicious strategic threat”, it is the ransomware crisis that has become most urgent.

“For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cybercriminals,” she said.

There has been a spate of high-profile ransomware attacks recently. The Health Service Executive (HSE), which is responsible for healthcare and social services across Ireland, was forced to shut down all its IT systems following a ransomware attack.

Elsewhere, Colonial Pipeline, which supplies almost half of the fuel to the United States eastern seaboard, was also hit by a ransomware attack. Meat processor JBS was also recently hit with a ransomware attack by the REvil criminal group, paying the $11 million ransom.

Cameron said the market for ransomware had become increasingly “professional” as criminal hackers made money “from large profitable businesses who cannot afford to lose their data … or to suffer the down time”.

The Guardian noted that Travelex, a UK-based provider of foreign exchange services, paid $2.3 million last year to regain control after hackers shut down its networks. The company subsequently fell into administration and had to be restructured with the loss of 1,300 jobs.

Government action

The increase in ransomware attacks has led governments in both the US and UK to urge organisations to take the threat seriously. The UK government is currently considering a new cybersecurity framework for MSPs to prevent third-party attacks.

At the G7 summit in Cornwall on Sunday, leaders of the leading industrial nations agreed to take steps to tackle the problem. The summit’s final communique called on Russia to “hold to account those within its borders who conduct ransomware attacks” and said G7 nations would work together “to urgently address the escalating shared threat”.

Raghu Nandakumara, field CTO at cybersecurity vendor Illumio, said it is a positive move from the UK government that they are looking to directly address the threat from ransomware.

“If we want ransomware to be less of a threat going forward, businesses need the respective governments to wield both a carrot and a stick – they need to provide direct incentives to organisations who show that they are taking their cyber security seriously, and a stick to wield against those who don’t and then leave themselves and their customers open to being exploited,” he said.

“The truth is that many organisations are woefully unprepared for such an attack, with the majority having no backup and recovery process in place or the right security protection to defend themselves. Key to this effort includes regular scanning of email and web apps for suspicious content, robust firewall protection and backup solutions to restore important files in the event of such an attack,” said Charlie Smith, consulting solutions engineer at Barracuda Networks.

“Ransomware poses a huge threat to UK PLC and the sooner we all wake up and recognise it, the better.”

Research by Barracuda found 44 percent of all observed ransomware attacks in 2020 were aimed at local government.