The head of the UK’s National Cyber Security Centre has warned that ransomware has become the biggest threat to British people and businesses.

In a speech being given today by Lindy Cameron, chief executive of the NCSC, to the RUSI think tank, she highlights the need for ransomware problem to be taken seriously, and warns of the “cumulative effect” if society fails to properly deal with the rising threat.

Cameron says that although state-sponsored cyber attacks represent a “malicious strategic threat to the UK’s national interests,” the problem goes deeper than that:

“Far more worrying is the cumulative effect of a failure to manage cyber risk and the failure to take the threat of cyber criminality seriously. For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cyber criminals.”

Cameron, who was appointed head of the NCSC – part of GCHQ – last year, points out that technically-advanced professional criminal gangs have enabled anybody the ability to command a ransomware attack:

“…the ecosystem is evolving through Ransomware as a Service, (RaaS); the business model where ransomware variants and lists of targets, credentials and other tools useful for ransomware deployment are available off the shelf for a one-off payment or a share of the profits.” “As the business model has become more and more successful, with these groups securing significant ransom payments from large profitable businesses who cannot afford to lose their data to encryption or to suffer the down time while their services are offline, the market for ransomware has become increasingly ‘professional’.”

A recent attack against a fuel pipeline operator has focused world leaders’ attention on the scourge of ransomware, and the issue (Read more...)