Ransomware attacks present “the most immediate danger” to the UK, the head of the National Cyber Security Centre (NCSC) has said, with cyber attacks linked to the Covid-19 pandemic also likely to be prevalent for many years to come.
Lindy Cameron warned that cybercriminals and other malicious actors continue to see ransomware as an “attractive route” as long as firms do not adequately protect themselves or agree to pay the ransom when attacked – something the NCSC has encouraged companies not to do.
Ms Cameron was speaking at Chatham House’s Cyber 2021 Conference and marking her first year in the post of chief executive at the NCSC, warning that businesses need to do more to protect themselves.
Ransomware is a form of cyber attack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner and has been used as part of a number of high-profile cyber attacks in recent years, including the 2017 attack on the NHS.
“Ransomware presents the most immediate danger to UK businesses and most other organisations,” she said.
“Many organisations – but not enough – routinely plan and prepare for this threat, and have confidence their cybersecurity and contingency planning could withstand a major incident. But many have no incident response plans, or ever test their cyber defences.
“We expect ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay. We have been clear that paying ransoms emboldens these criminal groups – and it also does not guarantee your data will be returned intact, or indeed returned at all.”
Ms Cameron also warned that criminals and state-backed groups will continue to use the pandemic as a vehicle for cyber attack – whether it be to target information around vaccines or by stoking fears to carry out scams.
“The coronavirus pandemic continues to cast a significant shadow on cybersecurity and is likely to do so for many years to come,” she said.
“Malicious actors continue to try and access Covid-related information, whether that is data on new variants or vaccine procurement plans.
“Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public.”
She named Russia and China as the biggest threats to national cybersecurity – noting this would not come as a surprise to industry experts – and also named Iran and North Korea as threats, but added that the “vast majority of hostile cyber activity” that people in the UK will experience will come from “criminals, rather than nation states”.
The cybersecurity chief said the key defence against attack was “resilience” by improving security in general but also boosting skills and understanding of cyber threats across businesses and the public, arguing that “responsibility for understanding cybersecurity risk does not start and end with the IT department”.
“We need Britain’s businesses and organisations to understand the threats they face,” she said.
“And we need the Great British public to have the skills to help them stay safe and technology that removes the security burden on their daily lives, making them safer by default.
“Cybersecurity is absolutely critical to delivering key Government strategies from boosting national resilience to making the UK a science and technology superpower.
“To meet the challenge of the future, we must not only build on our successes to date, but take our cybersecurity to the next level of scale and automation to meet the threats we will face in the next decade.
“Improving our resilience also plays a key role in deterring cyber attacks as our adversaries will see that an attack against the UK is likely to be less effective and the perceived benefits will be reduced.”