Thursday, December 2

UK Ransomware Attacks Have Doubled In One Year, Says GCHQ Head | GCHQ


The head of UK spy agency GCHQ has revealed that the number of ransomware attacks against British institutions has doubled in the last year.

Jeremy Fleming, director of GCHQ, said that locking files and data on a user’s computer and demanding payment for their release had become increasingly popular with criminals because it was “largely unchallenged” and highly profitable.

His comments, made Monday at the annual Cipher Brief threat conference, follow warnings that Russia and China are home to criminal gangs that are successfully targeting Western governments or companies.

“I think the reason [ransomware] it’s proliferating – we’ve seen twice as many attacks this year as we did last year in the UK – it’s because it works. Just pay. Criminals are making a lot of money from it and often feel that this is indisputable, ”he told delegates.

GCHQ has declined to give the exact number of ransomware attacks recorded in the UK this year or last. However, a US Treasury Report released this month revealed that suspicious ransomware-related transactions in the US during the first six months of this year were worth around $ 590 million. The top 10 hacking groups believed to be behind the criminal activity had moved around $ 5.2 billion worth of bitcoins in the past three years, according to the report.

Amid growing concerns about China and Russia’s ties to ransomware gangs, Fleming also called for more clarity on the ties between criminals and hostile states.

“In the short term, we have to fix the ransomware, and that is not a feat in itself. We have to be clear about the red lines and the behaviors we want to see, we have to go after those links between criminal actors and state actors, ”he said.

Ransomware is malware that uses encryption to retain a victim’s information in exchange for a ransom. The critical data of a user or organization is encrypted so that they cannot access files, databases or applications. A ransom is then demanded to provide access. It has been used as part of a number of high-profile cyberattacks in recent years, including the 2017 attack on the NHS.

Specialists believe that Russian ransomware will continue to expand given the proliferation of hacking tools and cryptocurrency payment channels.

Lindy Cameron, executive director of the National Cyber ​​Security Center (NCSC), said this month that ransomware “presents the most immediate danger” of all cyber threats facing the UK, in a speech to the Chatham House think tank. .

In May this year, then-Foreign Secretary Dominic Raab said that states like Russia could not “wave their hand” and say that the ransomware gangs operating from their territory have nothing to do with them.

Since then, the West has tried to increase pressure on the Kremlin. Joe Biden raised the issue with Vladimir Putin twice over the summer, hinting that the United States would be prepared to attack gang-owned computer servers if nothing was done.


www.theguardian.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Share