GCHQ Boss Says Ransomware Attacks Have Doubled In A Year

Uploaded on 2021-10-26 in INTELLIGENCE--Europe, GOVERNMENT-National, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

Jeremy Fleming, the Director of GCHQ, has said that the number of ransomware attacks on British organisations has doubled in the past 12 months. He also said that these attacks have become increasingly popular among criminals because it was “largely uncontested” and highly profitable for them.

He made his statement on the second day of the Cipher Brief Annual Threat Conference in Sea Island Georgia on October 25th, follow warnings that Russia and China are harbouring criminal gangs that are successfully targeting western governments or firms. 

Ransomware is malware that employs encryption to hold a victim’s information at ransom. Critical data is encrypted so that the organisation cannot access files, databases, or applications. A ransom is then demanded to provide access. It has been used as part of a number of high-profile cyber-attacks in recent years, including the 2017 attack on the NHS and this year of the health service in Ireland

Hackers are using software to lock files on computers before stopping victims from accessing their own data, essentially holding it hostage and demanding money from them. Once they have received ransomware payment, the hackers can then give a decryption key back to the victim so they can regain access. “I think that the reason ransomware is proliferating, we’ve seen twice as many attacks this year as last year in the UK, is because it works. It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested,” he told delegates.

GCHQ has declined to give the exact numbers of ransomware attacks recorded in the UK this year or last. However, a recent US Treasury Report disclosed that suspicious ransomware-related transactions in the US over the first six months of this year were worth around $590m. The top 10 hacking groups believed to be behind criminal activity had moved about $5.2bn worth of bitcoin over the past three years, the report said.

Amid growing concerns over China and Russia’s ties to ransomware gangs, Fleming also called for more clarity over the links between criminals and hostile states. “In the shorter term we’ve got to sort out ransomware, and that is no mean feat in itself. We have to be clear on the red lines and behaviours that we want to see, we’ve got to go after those links between criminal actors and state actors”.

“We’ve got to go after those links between criminal actors and state actors, and impose costs where we see that, and beyond that I think we’ve got to make sure that we are doing all we can to de-simplify this and to take as much out of it of the hands of citizens as we can so that they can enjoy living in a safe and secure online world,” Fleming said. He said that it is not “rocket science” to “defend against this sort of stuff...  Back up your data, make sure you’ve got your admin right, sorted out, make sure your passwords are properly protected, work out where your thresholds are, have thought in advance how you would respond if you were approached for ransom, all those sorts of things, it’s just basic stuff,” he said.

Security specialists believe Russian ransomware will continue to expand given the proliferation of cyber hacking tools and crypto-currency payment channels. 

  • In May this year, the then foreign secretary, Dominic Raab, said states such as Russia could not “wave their hands” and say ransomware gangs operating from their territory had nothing to do with them.

Since then, Western nations has sought to increase pressure on Russia. President Biden has raised these issues with Vladimir Putin over the summer and he hinted that the US would be prepared to attack computer servers belonging to the gangs if nothing was done.   

The Cipher Brief:    Standard:    NMAP:      Belfast Telegraph:    Guardian:    Daily Echo:    Verve Times:   

You Might Also Read: 

Cyber Attacks Are The New Cold War:

 

« Facebook Is 'making hate worse'
British Spies Trust Amazon With Their Secrets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

King & Spalding

King & Spalding

King & Spalding is an international law firm with offices in the United States, Europe and the Middle East. Practice areas include Data, Privacy & Security.

ISF Annual World Congress

ISF Annual World Congress

ISF Annual World Congress, our flagship global event, offers attendees an opportunity to discuss and find solutions to current security challenges.

DataLocker

DataLocker

DataLocker offers both hardware based external storage and software based cloud storage encryption solutions.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

ComoNExT Innovation Hub

ComoNExT Innovation Hub

ComoNExT is a Digital Innovation Hub and a startup incubator with a focus on the issues of digital transformation and Industry 4.0.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

NetTech

NetTech

NetTech’s Managed CyberSecurity and Compliance/HIPAA services are designed to help your company prevent security breaches and quickly remediate events if they do happen to occur.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

Lasso Security

Lasso Security

Lasso Security is a pioneer cybersecurity company ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.