Ransomware attacks are the key cyber threat facing the UK and the public and businesses must take it seriously, the head of the UK’s cybersecurity agency will say on Monday.
Lindy Cameron, the head of the National Cyber Security Centre (NCSC), which is part of GCHQ, will say it is ‘vital’ that the UK continues to build its cyber resilience to stop attacks from reaching their targets.
Giving the annual security lecture to the Royal United Services Institute (RUSI) defence and security think tank, Ms Cameron will warn of the ‘cumulative effect’ of the UK failing to manage ongoing cybercrime and, in particular, the increasing trend of ransomware attacks.
Ransomware is a form of cyber attack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner and has been used as part of a number of high-profile cyber attacks in recent years, including the 2017 attack on the NHS.
Ms Cameron will warn that cybercriminals are becoming increasingly sophisticated in their use of ransomware, and the UK must continue to improve its response.
‘Ransomware has historically been the preserve of high-end cybercrime groups with access to advanced technical skills and capabilities based in overseas jurisdictions who turn a blind eye, or otherwise fail to act, to pursue these groups,’ she is expected to say.
‘But the ecosystem is evolving through Ransomware as a Service, (RaaS); the business model where ransomware variants and lists of targets, credentials and other tools useful for ransomware deployment are available off the shelf for a one-off payment or a share of the profits.
‘As the business model has become more and more successful, with these groups securing significant ransom payments from large profitable businesses who cannot afford to lose their data to encryption or to suffer the down time while their services are offline, the market for ransomware has become increasingly professional.’
The NCSC boss will add that ‘a whole of government response’ is required in order to meet the threat.
‘This starts with the efforts to prevent the activities of the groups behind these damaging attacks,’ she will say.
‘International and diplomatic efforts need to be coordinated to stop these groups acting with impunity.
‘And it includes seeking the strongest criminal justice outcomes for those we apprehend. There are other players with a key role such as the cyber insurance industry which has a role to play in bearing down on the payment of ransoms and cryptocurrencies entities who facilitate suspicious transactions.
‘A coordinated response on ransomware, involving these key players, would have the added benefit of helping us meet broader national and strategic international objectives, making the UK a more resilient and prosperous place to live and do business online.’
In her lecture, the cybersecurity boss will also warn that think tanks in the UK are likely to become key targets for nation-state espionage groups as they seek to gain ‘strategic insights into government policy, trade agreements and commercially sensitive information’.