Ransomware presents 'most immediate danger' to UK – cyber-crime head

Ransomware presents ‘the most immediate danger to UK businesses’, with cyberattacks linked to Covid-19 also likely to be prevalent for years to come, cyber-crime head warns

  • Ransomware attacks present ‘most immediate danger’ to UK – cyber-crime boss
  • Lindy Cameron was marking first year as head of National Cyber Security Centre 
  • Cyber attacks linked to Covid ‘also likely to be prevalent for many years to come’
  • Ms Cameron warned that businesses need to do more to protect themselves

Ransomware is ‘the most immediate danger’ of all cyber threats faced by the UK, according to the head of Britain’s cybersecurity agency, and businesses need to do more to protect themselves.

Lindy Cameron, the chief executive of the National Cyber Security Centre (NCSC), also said that cyberattacks linked to Covid-19 are likely to be prevalent for years to come.

She warned that cybercriminals continue to see ransomware as an ‘attractive route’ as long as firms do not adequately protect themselves or agree to pay the ransom when attacked – something the NCSC has encouraged companies not to do. 

Ransomware is a form of cyberattack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner.

It has been used as part of a number of high-profile cyberattacks in recent years, including the 2017 attack on the NHS. 

WHAT IS RANSOMWARE? 

Cybercriminals use ‘blockers’ to stop their victim accessing their device.

This may include a message telling them this is due to ‘illegal content’ such as porn being identified on their device.

Anyone who has accessed porn online is probably less likely to take the matter up with law enforcement. 

Hackers then ask for money to be paid, often in the form of Bitcoins or other untraceable cryptocurrencies, for the block to be removed.

In May 2017, a massive ransomware virus attack called WannaCry spread to the computer systems of hundreds of private companies and public organisations across the globe.

‘Ransomware presents the most immediate danger to UK businesses and most other organisations,’ said Ms Cameron, who was speaking at Chatham House’s Cyber 2021 Conference and marking her first year as NCSC chief.

‘Many organisations – but not enough – routinely plan and prepare for this threat, and have confidence their cybersecurity and contingency planning could withstand a major incident. 

‘But many have no incident response plans, or ever test their cyber defences.

‘We expect ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay. 

‘We have been clear that paying ransoms emboldens these criminal groups – and it also does not guarantee your data will be returned intact, or indeed returned at all.’

Ms Cameron also warned that criminals and state-backed groups will continue to use the pandemic as a vehicle for cyber attack – whether it be to target information around vaccines or by stoking fears to carry out scams.

‘The coronavirus pandemic continues to cast a significant shadow on cybersecurity and is likely to do so for many years to come,’ she said.

‘Malicious actors continue to try and access Covid-related information, whether that is data on new variants or vaccine procurement plans.

‘Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public.’

She named Russia and China as the biggest threats to national cybersecurity – noting this would not come as a surprise to industry experts – and also named Iran and North Korea as threats, but added that the ‘vast majority of hostile cyber activity’ that people in the UK will experience will come from ‘criminals, rather than nation states’.

The cybersecurity chief said the key defence against attack was ‘resilience’ by improving security in general but also boosting skills and understanding of cyber threats across businesses and the public, arguing that ‘responsibility for understanding cybersecurity risk does not start and end with the IT department’.

‘We need Britain’s businesses and organisations to understand the threats they face,’ she said.

‘And we need the Great British public to have the skills to help them stay safe and technology that removes the security burden on their daily lives, making them safer by default.

‘Cybersecurity is absolutely critical to delivering key Government strategies from boosting national resilience to making the UK a science and technology superpower.

‘To meet the challenge of the future, we must not only build on our successes to date, but take our cybersecurity to the next level of scale and automation to meet the threats we will face in the next decade.

‘Improving our resilience also plays a key role in deterring cyber attacks as our adversaries will see that an attack against the UK is likely to be less effective and the perceived benefits will be reduced.’

WHAT WAS THE WANNACRY ATTACK?

In May 2017, a massive ransomware virus attack spread to the computer systems of hundreds of private companies and public organisations across the globe.

The software locked computers and asked for a digital ransom before control was safely returned.

In just a few hours, the malware had already infected victims in at least 74 countries, including Russia, Turkey, Germany, Vietnam, and the Philippines – and was estimated to be spreading at a rate of five million emails per hour.

Hospitals and doctors’ surgeries in England were forced to turn away patients and cancel appointments after the attack crippled the NHS. 

The WannaCry virus targeted Microsoft’s widely used Windows operating system.

The virus encrypts certain files on the computer and then blackmails the user for money in exchange for access to the files.

It leaves the user with only two files: instructions on what to do next and the Wanna Decryptor program itself.

The hackers asked for payments of around £230 ($300) in Bitcoin.

When opened, the software tells users that their files have been encrypted and gives them a few days to pay up or their files will be deleted.

It can quickly spread through an entire network of computers in a business or hospital, encrypting files on every PC.
