UK could be held to ransom by ‘catastrophic’ cyberattacks
Just one coordinated attack could cripple the UK, MPs warn
The UK has seen a rise in ransomware attacks that rivals the peaks of 2021, and remains one of the most targeted countries globally.
The Joint Committee on the National Security Strategy (JCNSS) released a report on the threat of ransomware, warning that it “undoubtedly represents a major threat to UK national security”.
The report further stated that given the damage caused by uncoordinated attacks, a single major coordinated attack could immobilize critical national infrastructure, from energy to healthcare.
Stand and deliver
While ransomware can cause widespread disruption to individual organizations and bring critical services to a standstill, it is primarily a source of income for cyber criminals regardless of state sponsorship.
The combination of ‘triple extortion’ - a ransomware methodology that removes the target's sensitive data, threatens to release it if demands are not met, and also threatens businesses associated with the victim - alongside the targeting of larger organizations with larger wallets provides a lucrative stream of currency.
Threat actors have also started selling the initial access to an organization in what's known as ransomware-as-a-service. This has allowed cyber gangs without the necessary expertise to ‘buy’ access to an organization in return for a fee for each successful ransom.
These factors have contributed heavily to the growth of attacks experienced in the UK, and the JCNSS has warned that the UK government isn’t doing enough to protect the nation. Of particular concern to the committee is the lack of funding provided to the National Crime Agency (NCA); more funding would allow the NCA to offer salaries that compete with the private sector and therefore attract the best talent.
Moreover, the committee states that lessons are not being learned from previous ransomware attacks and that a single coordinated attack would “shine a spotlight on the inadequacy of the Government’s efforts to secure the UK against ransomware, and to prepare for the aftermath of a major cyber-attack”.
While steps have been taken to increase cyber resilience in the UK, these efforts have been hindered by a lack of funding, “particularly in sectors in which investment in upgrading legacy infrastructure has been inadequate.” The 2017 WannaCry attack, where 34% of NHS trusts in England were affected, highlighted the importance of keeping the computer networks of critical services such as healthcare up to date to limit the potential vulnerabilities.
Considering that the majority of ransomware attacks are perpetrated by Russian groups with direct and indirect state sponsorship, and the Kremlin's lack of respect for international law, there is a distinct possibility that ransomware attacks on the UK could migrate from a source of income for threat actors to a means of state-sponsored geopolitical sabotage.

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.
Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.
Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.