Increasingly 'professional' ransomware attacks greatest threat to UK
Ransomware is the key threat facing the UK and both businesses and members of the public need to take it seriously, the chief executive officer of the UK’s National Cyber Security Centre has warned.
Speaking virtually to an audience at the Royal United Services Institute (RUSI) Annual Security Lecture, Lindy Cameron warned of the “cumulative effect” of failing to properly deal with the rising threat.
“For most UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cyber criminals, and in particular the threat of ransomware,” she said.
“While government is uniquely able to disrupt and deter our adversaries, it is network defenders in industry, and the steps that all organisations and citizens are taking that are protecting the UK from attacks, day in, day out.
“The protection they provide is crucial to the digital transformation of the economy, and every organisation, large and small, has a role to play.”
On the recent rise in ransomware attacks, Ms Cameron noted that the ecosystem is evolving through the Ransomware as a Service (RaaS) model, whereby ransomware variants and commodity listings are available off the shelf for a one-off payment or a share of the profits.
As the RaaS model has become increasingly successful, with criminal groups securing significant ransom payments from large profitable businesses who cannot afford to lose their data to encryption or to suffer the down time while their services are offline, the market for ransomware has become increasingly “professional”.
Ms Cameron highlighted the importance of building organisational cyber resilience which, in combination with government capabilities and law enforcement action, is the most effective way to counter threats in cyberspace.
See also: Perfect Storm