Head of the National Cyber Security Centre (NCSC), Lindy Cameron, has singled out Russia as the biggest perpetrator of ransomware attacks.
Speaking at a Chatham House Cyber conference, Cameron said that ransomware attacks pose a threat to everyone, from schools to large corporations.
New cybersecurity research recently found that two-thirds of organisations have been targeted by at least one ransomware attack.
Cameron warned that companies were unprepared to defend against threats and had not done enough rigorous testing to their cybersecurity protocols.
Just last week, Glasgow-headquartered Weir Group revealed it was the victim of a “sophisticated attempted ransomware” attack in September which impacted operations.
There had been – relatively speaking – a lull in Russian nation state attacks recently but cybersecurity experts have put this down to hackers taking a break for their summer holidays as opposed to any real shift away from these kinds of attacks or increase in security preparedness.
In her speech, Cameron said the UK’s aim is to deliver proactive campaigns to disrupt the activities of ransomware gangs, including leveraging the newly-established National Cyber Force to carry out offensive hacking operations.
Cameron citied the pandemic as being a catalyst to ransomware attacks, saying: “Malicious actors continue to try and access Covid related information, whether that is data on new variants or vaccine procurement plans,” she said.
“Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public.”
Cameron also went on to warn against the threat posed by “authoritarian states like China” – who have the ability to create and sustain advanced ransomware economies that undermine the UK’s security.
She said the UK needed to be “clear eyed” and protect itself “against Chinese practices that have an adverse effect on our own prosperity and security”.
“We need to avoid a marketplace for vulnerabilities and exploits developing that makes us all less safe,” she said.