British NCSC Chief Describes Russian Attacks As ‘Devastating'

Criminal groups based in Russia have been blamed by Britain's Cyber Security chief for the most "devastating" ransomware attacks in the country and she said malicious actors are trying to steal coronavirus vaccination plans and data on new variants. 

Russia remains the UK’s most acute cyber threat and the source of most ransomware attacks, says head of National Cyber Security Centre Lindy Cameron.

Cyber attacks which see hackers get inside computer networks and lock the owners out until they pay a ransom present "the most immediate danger" to UK businesses in cyber space, Cameron has warned. Many ransomware gangs operate from Ukraine and Russia and the Russian ransomware gangs are often said by western government officials to operate with the Kremlin's tacit approval, but are not directly controlled by the government.

Ms Cameron said her agency, an arm of GCHQ, and the National Crime Agency had assessed that cyber criminals based in Russia, and its neighbours, were responsible for the most of the "devastating" ransomware attacks against the UK. Her remarks represent one of the firmest attempts yet by a British intelligence chief to pin the epidemic of internet extortion on Russia, which is accused of sheltering criminal hackers who seek to extract millions by seizing corporate data.

She said these types of attack posed a threat to everyone from major companies to local councils and schools.

Speaking at the Chatham House Cyber 2021 conference, Cameron said that few organisations were prepared for the threat or tested their cyber defences.  Cameron said ransomware “presents the most immediate danger” of all cyber threats faced by the UK, in her Chatham House speech. Increasingly in recent cases, criminal gangs have also threatened to release some of the data they have access to publicly.

Ms. Cameron said that the challenge the ransomware criminal gangs posed in terms of law enforcement is "acute" as "the criminals responsible often operate beyond our borders, are increasingly successful in their endeavours, and pose a global challenge we must fight together to ensure no place becomes a safe haven".

Ransomware has risen up the agenda in recent months, particularly the US where an attack on Colonial Pipeline caused fuel shortages on the US east coast. There had been some signs that Russian-linked activity dipped over the summer but cyber security experts believe much of that may be to do with the hackers taking their summer holiday rather than any fundamental shift away from what has been a highly-lucrative business model. Cameron also said that ransomware would continue to be attractive while organisations remained vulnerable and were willing to pay. She said the government had been clear that paying ransoms simply emboldened criminal groups. 

As well as improving its defences, she also said the UK would aim to deliver a "sustained, proactive" campaign to disrupt those harming the UK, including ransomware gangs. 

This would include a range of techniques including the newly established National Cyber Force which can carry out offensive hacking operations. "Malicious actors continue to try and access Covid related information, whether that is data on new variants or vaccine procurement plans... Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public." she said.

Cameron made reference to the recent revelations about the Pegasus spyware sold by the company NSO Group, saying that the NCSC has raised a "red flag" about the growing commercial market for sophisticated products which can be used to hack into people's phones and carry out surveillance. 

She warned of the dangers of "authoritarian states like China" having the ability to influence the standards of new technology in a way that undermines the UK's security. She said the UK needed to be "clear eyed" and protect itself "against Chinese practices that have an adverse effect on our own prosperity and security".

Sky:         Silicon:       Independent:        Guardian:       Verdict:         HSToday:   

TechTimes:      USNews:       BBC:      Image: NCSC

You Might Also Read:

Data Privacy Is Key To The Technology Battle With China:

 

« US Proposes Legislation To Control AI
How AI Will Affect The Future Of Work »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

Milton Security Group

Milton Security Group

Milton Security develops products to provide security, visibility and control over your network to keep it Operational and Secure.

Owl Cyber Defense Solutions

Owl Cyber Defense Solutions

Owl patented DualDiode Technology enables hardware-enforced network segmentation and deterministic, one-way transfer of all data types and file sizes.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

Marlabs

Marlabs

Marlabs is a Digital Technology Solutions company that helps companies adopt digital transformation using a comprehensive framework including Digital Automation, Enterprise Analytics and Security.

Datastream Cyber Insurance

Datastream Cyber Insurance

DataStream Cyber Insurance is designed to give SMB’s across the US greater confidence in the face of increasing cyber attacks against the small and medium business community.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

Newchip Accelerator

Newchip Accelerator

Newchip is an online startup accelerator program providing you with all of the tools and skills necessary to fund, build, and scale.