UK could be held to ransom by ‘catastrophic’ cyberattacks

UK flag with cyber text
(Image credit: Shutterstock)

The UK has seen a rise in ransomware attacks that rivals the peaks of 2021, and remains one of the most targeted countries globally.

The Joint Committee on the National Security Strategy (JCNSS) released a report on the threat of ransomware, warning that it “undoubtedly represents a major threat to UK national security”.

The report further stated that given the damage caused by uncoordinated attacks, a single major coordinated attack could immobilize critical national infrastructure, from energy to healthcare.

 Stand and deliver

While ransomware can cause widespread disruption to individual organizations and bring critical services to a standstill, it is primarily a source of income for cyber criminals regardless of state sponsorship.

The combination of ‘triple extortion’ - a ransomware methodology that removes the target's sensitive data, threatens to release it if demands are not met, and also threatens businesses associated with the victim  - alongside the targeting of larger organizations with larger wallets provides a lucrative stream of currency.

Threat actors have also started selling the initial access to an organization in what's known as ransomware-as-a-service. This has provided cyber gangs without the necessary expertise to ‘buy’ access to an organization in return for a fee for each successful ransom.

These factors have contributed heavily to the growth of attacks experienced in the UK, and the JCNSS has warned that the UK government isn’t doing enough to protect the nation. Of particular concern to the committee is the lack of funding provided to the National Crime Agency (NCA), which would allow the NCA to offer salaries that compete with the private sector and therefore attract the best talent.

Moreover, the committee states that lessons are not being learned from previous ransomware attacks and that a single coordinated attack would “shine a spotlight on the inadequacy of the Government’s efforts to secure the UK against ransomware, and to prepare for the aftermath of a major cyber-attack”.

While steps have been taken to increase cyber resilience in the UK, these efforts have been hindered by a lack of funding, “particularly in sectors in which investment in upgrading legacy infrastructure has been inadequate.” The 2017 WannaCry attack, where 34% of NHS trusts in England were affected, highlighted the importance of keeping the computer networks of critical services such as healthcare up to date to limit the potential vulnerabilities.

Considering that the majority of ransomware attacks are perpetrated by Russian groups with direct and indirect state sponsorship, and the Kremlin's lack of respect for international law, there is a distinct possibility that ransomware attacks on the UK could migrate from a source of income for threat actors, to a means state-sponsored geopolitical sabotage.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.

He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.

Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.