Ransomware warning for businesses

Lindy Cameron, the Chief Executive of the UK's National Cyber Security Centre (NCSC), has warned at a recent cyber conference that ransomware is the most immediate danger to UK businesses, highlighting several recent cyber incidents, including one which the UK and the US attributed to hackers working on behalf of China.

"We have also seen real world impact over the last year from a spate of ransomware attacks,"

she added, referencing the attacks on Ireland's Health Service, Hackney Council, and the Colonial Pipeline that led to fuel shortages in the US.

Ransomware is a type of malware that attackers can deploy on a victim's computer network to encrypt their files. The attackers then blackmail the victim to pay huge ransoms, often in Bitcoin, to decrypt their files and give access back.

Other extortion methods involve stealing sensitive files and threatening to release them online. If published, these files, which can relate to sensitive business deals or may include customer information, could damage the victim company or personal reputations. Former footballer David Beckham featured in such a leak when embarrassing emails were released at a time when he was being considered for New Year honours.

"Ransomware presents the most immediate danger to UK businesses and most other organisations," said Cameron, "from FTSE 100 companies, to schools; from critical national infrastructure to local councils. "We expect ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay. We have been clear that paying ransoms emboldens these criminal groups - and it also does not guarantee your data will be returned intact, or indeed returned at all."

Cameron also referred to the threat posed by private spyware companies such as NSO Group. The Israeli hacking business was accused of assisting regimes in targeting journalists, political dissidents, and human rights activists according to reports earlier this year.

NSO Group claims its spyware was only used by governments to hack the mobile phones of terrorists and serious criminals, but a series of High Court rulings recently found that Dubai's ruler had used the software to spy on his ex-wife and her lawyers during a legal custody battle.

"This demonstrated something we have raised a red flag about before – the commercial market for sophisticated cyber exploitation products,” Cameron continued. "Those with lower capabilities are able to simply purchase techniques and tradecraft – and obviously these unregulated products can easily be put to use by those who don’t have a history of responsible use of these techniques.”

To discuss cyber security for your business, contact our team at the NEBRC at: enquiries@nebrcentre.co.uk