GCHQ Boss Says Ransomware Attacks Have Doubled In A Year

Uploaded on 2021-10-26 in INTELLIGENCE--Europe, GOVERNMENT-National, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY--Hackers

Jeremy Fleming, the Director of GCHQ, has said that the number of ransomware attacks on British organisations has doubled in the past 12 months. He also said that these attacks have become increasingly popular among criminals because it was “largely uncontested” and highly profitable for them.

He made his statement on the second day of the Cipher Brief Annual Threat Conference in Sea Island Georgia on October 25th, follow warnings that Russia and China are harbouring criminal gangs that are successfully targeting western governments or firms. 

Ransomware is malware that employs encryption to hold a victim’s information at ransom. Critical data is encrypted so that the organisation cannot access files, databases, or applications. A ransom is then demanded to provide access. It has been used as part of a number of high-profile cyber-attacks in recent years, including the 2017 attack on the NHS and this year of the health service in Ireland

Hackers are using software to lock files on computers before stopping victims from accessing their own data, essentially holding it hostage and demanding money from them. Once they have received ransomware payment, the hackers can then give a decryption key back to the victim so they can regain access. “I think that the reason ransomware is proliferating, we’ve seen twice as many attacks this year as last year in the UK, is because it works. It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested,” he told delegates.

GCHQ has declined to give the exact numbers of ransomware attacks recorded in the UK this year or last. However, a recent US Treasury Report disclosed that suspicious ransomware-related transactions in the US over the first six months of this year were worth around $590m. The top 10 hacking groups believed to be behind criminal activity had moved about $5.2bn worth of bitcoin over the past three years, the report said.

Amid growing concerns over China and Russia’s ties to ransomware gangs, Fleming also called for more clarity over the links between criminals and hostile states. “In the shorter term we’ve got to sort out ransomware, and that is no mean feat in itself. We have to be clear on the red lines and behaviours that we want to see, we’ve got to go after those links between criminal actors and state actors”.

“We’ve got to go after those links between criminal actors and state actors, and impose costs where we see that, and beyond that I think we’ve got to make sure that we are doing all we can to de-simplify this and to take as much out of it of the hands of citizens as we can so that they can enjoy living in a safe and secure online world,” Fleming said. He said that it is not “rocket science” to “defend against this sort of stuff...  Back up your data, make sure you’ve got your admin right, sorted out, make sure your passwords are properly protected, work out where your thresholds are, have thought in advance how you would respond if you were approached for ransom, all those sorts of things, it’s just basic stuff,” he said.

Security specialists believe Russian ransomware will continue to expand given the proliferation of cyber hacking tools and crypto-currency payment channels. 

  • In May this year, the then foreign secretary, Dominic Raab, said states such as Russia could not “wave their hands” and say ransomware gangs operating from their territory had nothing to do with them.

Since then, Western nations has sought to increase pressure on Russia. President Biden has raised these issues with Vladimir Putin over the summer and he hinted that the US would be prepared to attack computer servers belonging to the gangs if nothing was done.   

The Cipher Brief:    Standard:    NMAP:      Belfast Telegraph:    Guardian:    Daily Echo:    Verve Times:   

You Might Also Read: 

Cyber Attacks Are The New Cold War:

 

« Facebook Is 'making hate worse'
British Spies Trust Amazon With Their Secrets »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

Pindrop Security

Pindrop Security

Pindrop solutions are leading the way to the future of voice by establishing the standard for security, identity, and trust for every voice interaction.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

Software Diversified Services (SDS)

Software Diversified Services (SDS)

SDS provides the highest quality mainframe software and award-winning, expert service with an emphasis on security, encryption, monitoring, and data compression.

SyncDog

SyncDog

SyncDog is a leader in enterprise security and the preeminent vendor for containerized mobile application security across cloud & on-premise computing environments.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Gridware

Gridware

Gridware is a specialised cybersecurity consultancy firm and an emerging global player in the cybersecurity intelligence and advisory field.

Herzing College

Herzing College

Herzing College Ottawa offers an accelerated 12-month Cybersecurity Specialist training program. This program is developed by industry experts and based on leading IT security certifications.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

Novem CS

Novem CS

Novem CS are bespoke cyber security specialists providing a highly effective and specialised approach to solving your cyber security challenges.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.

Instil Software

Instil Software

Instil helps technology brands transform, innovate and disrupt their markets with category-defining software products that challenge us to think, feel and act in new ways.

Archipelo

Archipelo

At Archipelo, we empower organizations with Developer Security - to increase software security and compliance throughout the development lifecycle.