Ransomware attacks present “the most immediate danger” to UK businesses online, said a UK cyber chief in a press conference on Tuesday. Lindy Cameron, the chief executive officer of the United Kingdom’s National Cyber Security Centre (NCSC), further stated that malicious actors from Russia and China are the biggest threats to the UK’s cybersecurity.
Cameron said that these attacks threaten a wide range of organizations, from major companies to local school councils. Unfortunately, many of them are not prepared to deal with the growing cyber threat.
Not Enough Businesses Have Adequate Cyber Defences
Speaking at the 2021 Chatham House Cyber Conference, Cameron warned that not enough organizations “routinely plan and prepare” for ransomware threats.
She said many, but not enough, businesses believe that their cybersecurity and contingency planning can handle a significant attack. However, these groups do not have incident response plans. Some organizations never even test their cyber defenses.
Cameron warned that criminals will continue to unleash ransomware attacks until businesses step up their cyber security efforts.
“We expect ransomware will continue to be an attractive route for criminals as long as organizations remain vulnerable and continue to pay,” she said.
“We have been clear that paying ransoms emboldens these criminal groups — and it also does not guarantee your data will be returned intact, or indeed returned at all,” she added.
Russia and China are the “Biggest Threats” to UK’s Cybersecurity
The NCSC head noted that state-backed actors are a significant threat to the country’s cyberspace. Cameron named Russia and China as the biggest threats to the UK’s cybersecurity. She also included Iran and North Korea on the list of threat actors.
While there are some signs that Russian-back cyberattacks have been reduced, cybersecurity experts believe it is unlikely that they will turn away for good. This is because ransomware attacks have so far been highly successful and lucrative.
However, Cameron stated that the “vast majority of hostile cyber activity” people in the UK will experience will come from “criminals, rather than nation-states.”
Cameron added that attackers continue to target Covid-related information. This can include details such as data on new variants or initiatives to procure vaccines. Cameron believes their motive is to “use this information to undermine public trust in government responses to the pandemic.”
“Criminals are now regularly using Covid-themes attacks as a way of scamming the public,” she said.
Cameron also spoke about the growing commercial market for products such as Pegasus. The spyware was used by many government agencies to hack into smartphones and conduct targeted surveillance.
UK Plans to Improve its Defences and Disrupt Malicious Groups
Cameron laid out the UK’s plan to address the cybersecurity threat. She stressed the need to build resilience by:
- improving security
- boosting skills
- understanding the threats that organizations in the country face
Cameron said the country aims to disrupt malicious actors, including ransomware gangs. The newly-established National Cyber Force, which is empowered to carry out offensive hacking operations, will play a part in this campaign.
The NCSC chief added that the public will play a crucial role. She urged the people to “have the skills to help [themselves] stay safe and [the] technology that removes the security burden on their daily lives, making them safer by default.”
“Improving our resilience also plays a key role in deterring cyber attacks, as our adversaries will see that an attack against the UK is likely to be less effective and the perceived benefits will be reduced,” Cameron said.