UK could be held to ransom by ‘catastrophic’ cyberattacks

UK flag with cyber text
(Image credit: Shutterstock)

The UK has seen a rise in ransomware attacks that rivals the peaks of 2021, and remains one of the most targeted countries globally.

The Joint Committee on the National Security Strategy (JCNSS) released a report on the threat of ransomware, warning that it “undoubtedly represents a major threat to UK national security”.

The report further stated that given the damage caused by uncoordinated attacks, a single major coordinated attack could immobilize critical national infrastructure, from energy to healthcare.

 Stand and deliver

While ransomware can cause widespread disruption to individual organizations and bring critical services to a standstill, it is primarily a source of income for cyber criminals regardless of state sponsorship.

The combination of ‘triple extortion’ - a ransomware methodology that removes the target's sensitive data, threatens to release it if demands are not met, and also threatens businesses associated with the victim  - alongside the targeting of larger organizations with larger wallets provides a lucrative stream of currency.

Threat actors have also started selling the initial access to an organization in what's known as ransomware-as-a-service. This has provided cyber gangs without the necessary expertise to ‘buy’ access to an organization in return for a fee for each successful ransom.

These factors have contributed heavily to the growth of attacks experienced in the UK, and the JCNSS has warned that the UK government isn’t doing enough to protect the nation. Of particular concern to the committee is the lack of funding provided to the National Crime Agency (NCA), which would allow the NCA to offer salaries that compete with the private sector and therefore attract the best talent.

Moreover, the committee states that lessons are not being learned from previous ransomware attacks and that a single coordinated attack would “shine a spotlight on the inadequacy of the Government’s efforts to secure the UK against ransomware, and to prepare for the aftermath of a major cyber-attack”.

While steps have been taken to increase cyber resilience in the UK, these efforts have been hindered by a lack of funding, “particularly in sectors in which investment in upgrading legacy infrastructure has been inadequate.” The 2017 WannaCry attack, where 34% of NHS trusts in England were affected, highlighted the importance of keeping the computer networks of critical services such as healthcare up to date to limit the potential vulnerabilities.

Considering that the majority of ransomware attacks are perpetrated by Russian groups with direct and indirect state sponsorship, and the Kremlin's lack of respect for international law, there is a distinct possibility that ransomware attacks on the UK could migrate from a source of income for threat actors, to a means state-sponsored geopolitical sabotage.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.