Lindy Cameron, chief executive of the National Cyber Security Center – a branch of GCHQ – urged Britons to be aware of the threat of hackers, in a speech to the Royal United Services Institute in London on Monday.
Cameron described China’s cyberattacks on UK industry as “something our businesses are dealing with as usual”, and pointed out that North Korea and Iran are using digital technology to “sabotage and steal”. She also accused Russia of using the web to seek “political advantage”.
However, Cameron said what she found “most worrying” was not the state actors, but the broader failure of cyber risk management. For the ‘vast majority’ of UK citizens and businesses, including providers of critical national infrastructure and government services, ‘the main threat is not state actors but cybercriminals,’ added the NCSC chief executive. .
Its warning comes after a worldwide proliferation of ransomware attacks, which typically cripple a target’s computer networks and data until a payment is made.
The number of incidents increased by more than 60% to 305 million in 2020, according to data from SonicWall. Recent casualties include the Irish health service, the US Colonial Pipeline and JBS, the Brazilian meat processing company, in attacks that have drawn attention to the risk to critical infrastructure and supply chains.
The White House believes the Colonial Pipeline and JBS attacks were carried out by Russia-based criminals, and US President Joe Biden is expected to raise the issue when he meets with his Russian counterpart Vladimir Putin this week. Biden said he was “open” to a proposal from Putin that Russia would hand cybercriminals over to the United States if Washington did the same for Moscow.
Leaders of the G7 countries, who gathered in Cornwall over the weekend, have expressed their determination to crack down on hackers. They pledged in their summit statement that they would “urgently address” the “growing shared threat of criminal ransomware networks”.
The statement also called on Russia in particular to “identify, disrupt and hold accountable” ransomware attackers and other cybercriminals, including those who “abuse virtual currency to launder ransoms”, within its borders. .
In her speech on Monday, the NCSC chief executive said cybercriminals do not exist in a vacuum and are “often activated and facilitated by states acting with impunity.”
She added that while ransomware has historically been the preserve of high-end cybercrime groups, the threat is evolving due to the ‘ransomware as a service’ business model, in which malware tools and targets are sold online. .