14 DAY TRIAL // According to the head of cybersecurity at GCHQ, ransomware is the biggest cybersecurity threat to most people and organizations in the UK, says The Guardian.
Lindy Cameron, CEO of National Cyber Security Center, points out that the problem of hackers encrypting data and demanding cash for recovery is escalating and becoming more professionalized.
Cameron plans to tell the Rusi think tank on Monday that while Internet surveillance by Russia, China, and other hostile states remains a malign strategic threat, the ransomware epidemic has become increasingly pressing.
Cameron stated, “For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cybercriminals".
Ransomware cases have increased dramatically over the past two years, mostly because former Soviet governments tend to turn a blind eye to these actions. The result is that criminals make tens of millions by extorting money from businesses.
Colonial Pipeline, a major U.S. oil network, was shut down in May after hackers gained access with a single compromised password. Gasoline prices rose briefly due to panic buying.
To restore access to its systems, the company paid $4.4 million to a cybercriminal gang known as Dark Side, believed to be based in Russia or other parts of Eastern Europe. The U.S. government eventually recovered much of it.
The ransomware market has become more professional
Cameron highlights that the ransomware market has become more professional as criminal hackers take money from highly profitable companies that cannot afford to lose their data or suffer downtime.
The groups often research their targets and tailor their demands to the size of the client: For example, small businesses such as hairdressers have been targeted, demanding payments of £1,500. However, most targets are larger businesses that are rendered inoperable by the raid.
Leaders of the world's major industrialized nations decided on Sunday at the G7 summit in Cornwall to do something about the problem. The meeting's final communique called on Russia to hold accountable those within its borders who carry out ransomware attacks and said G7 nations would work together to urgently address the rising common threat.
NATO is also set to agree on a new cyberspace defense policy at its annual summit in Brussels on Monday, with the backing of Britain.
Russia denies harboring cybercriminals and has previously stated that hackers are everywhere. However, according to Western experts, most hacking gangs are based in the country and are allowed to operate if they focus their efforts on targets outside the country.
Cameron did not mention Russia in the pre-released excerpts of her speech. She did, however, state that criminal hackers do not live in a vacuum. They are often encouraged and supported by states seeking impunity.
She stated that the UK must coordinate a government-wide response, improve cyber resilience, engage in international and diplomatic initiatives, and pursue the best criminal justice outcomes for individuals captured.