British NCSC Chief Describes Russian Attacks As ‘Devastating'

Uploaded on 2021-10-18 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

Criminal groups based in Russia have been blamed by Britain's Cyber Security chief for the most "devastating" ransomware attacks in the country and she said malicious actors are trying to steal coronavirus vaccination plans and data on new variants. 

Russia remains the UK’s most acute cyber threat and the source of most ransomware attacks, says head of National Cyber Security Centre Lindy Cameron.

Cyber attacks which see hackers get inside computer networks and lock the owners out until they pay a ransom present "the most immediate danger" to UK businesses in cyber space, Cameron has warned. Many ransomware gangs operate from Ukraine and Russia and the Russian ransomware gangs are often said by western government officials to operate with the Kremlin's tacit approval, but are not directly controlled by the government.

Ms Cameron said her agency, an arm of GCHQ, and the National Crime Agency had assessed that cyber criminals based in Russia, and its neighbours, were responsible for the most of the "devastating" ransomware attacks against the UK. Her remarks represent one of the firmest attempts yet by a British intelligence chief to pin the epidemic of internet extortion on Russia, which is accused of sheltering criminal hackers who seek to extract millions by seizing corporate data.

She said these types of attack posed a threat to everyone from major companies to local councils and schools.

Speaking at the Chatham House Cyber 2021 conference, Cameron said that few organisations were prepared for the threat or tested their cyber defences.  Cameron said ransomware “presents the most immediate danger” of all cyber threats faced by the UK, in her Chatham House speech. Increasingly in recent cases, criminal gangs have also threatened to release some of the data they have access to publicly.

Ms. Cameron said that the challenge the ransomware criminal gangs posed in terms of law enforcement is "acute" as "the criminals responsible often operate beyond our borders, are increasingly successful in their endeavours, and pose a global challenge we must fight together to ensure no place becomes a safe haven".

Ransomware has risen up the agenda in recent months, particularly the US where an attack on Colonial Pipeline caused fuel shortages on the US east coast. There had been some signs that Russian-linked activity dipped over the summer but cyber security experts believe much of that may be to do with the hackers taking their summer holiday rather than any fundamental shift away from what has been a highly-lucrative business model. Cameron also said that ransomware would continue to be attractive while organisations remained vulnerable and were willing to pay. She said the government had been clear that paying ransoms simply emboldened criminal groups. 

As well as improving its defences, she also said the UK would aim to deliver a "sustained, proactive" campaign to disrupt those harming the UK, including ransomware gangs. 

This would include a range of techniques including the newly established National Cyber Force which can carry out offensive hacking operations. "Malicious actors continue to try and access Covid related information, whether that is data on new variants or vaccine procurement plans... Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public." she said.

Cameron made reference to the recent revelations about the Pegasus spyware sold by the company NSO Group, saying that the NCSC has raised a "red flag" about the growing commercial market for sophisticated products which can be used to hack into people's phones and carry out surveillance. 

She warned of the dangers of "authoritarian states like China" having the ability to influence the standards of new technology in a way that undermines the UK's security. She said the UK needed to be "clear eyed" and protect itself "against Chinese practices that have an adverse effect on our own prosperity and security".

Sky:         Silicon:       Independent:        Guardian:       Verdict:         HSToday:   

TechTimes:      USNews:       BBC:      Image: NCSC

You Might Also Read:

Data Privacy Is Key To The Technology Battle With China:

 

« US Proposes Legislation To Control AI
How AI Will Affect The Future Of Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

Cyber Command

Cyber Command

Our Managed IT service allows clients to offload the management of day-to-day computer, server, and networking support to our team of professionals.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

ShorePoint

ShorePoint

ShorePoint is an elite cybersecurity firm dedicated to improving the cyber resilience of Federal agencies and their missions.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Varen Technologies

Varen Technologies

Varen Technologies is an innovative consulting partner with highly respected cyber security, analytics, Agile Software Development and IT/maintenance expertise.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Upstack

Upstack

UPSTACK - One partner, end-to-end expertise, helping develop the solutions you need – when you need them.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Pulsant

Pulsant

Pulsant is the UK’s premier digital edge infrastructure company providing next-generation cloud, colocation and connectivity services.