Follow us

Ransomware Attacks, biggest threats to UK security?

Ransomware and Covid-related cybercrime's biggest threats to UK security. National Cyber Security Centre chief executive Lindy Cameron speaks at Chatham House’s Cyber 2021 Conference

Updated: October 17, 2021 By Ozair Malik

Masked criminal on a laptop

Image Source - pixabay.com

On Monday, October 11, 2021, Lindy Cameron marked her first-year tenure at the National Cyber Security Centre as the CEO. At the Chatham House speech, Cameron warned the nation of the cybercriminals and other malicious actors as a great threat.

We expect ransomware will continue to be an attractive route for criminals as long as organizations remain vulnerable and continue to pay.

It was also said at the conference by the chairperson that companies that pay and stay vulnerable to these cyber criminals make this an attractive route for the cybercriminals to continue as they please.

This way ransomware is bound to remain as a means of play for the cybercriminals, considering the covid situation, the cybercrime rate has nothing but escalated and would continue to do so.

As you would ask, But why?, Due to the vulnerability the companies show towards these cybercriminals, when they aren’t even sure of the fact that they would guarantee your data will be returned unharmed or returned after all.

Five Most Important Ransomware Attacks of 2021

A survey of more than 3,5000 technology leaders (globally) confirmed that ransomware attacks are spiraling out of control completely.

Considering the report from the cyber security awareness and data analytics company CybSafe it was concluded that all the security incidents reported to the UK Information Commissioner’s Office in the first six months of the year 2021 was double the number of incidents in the year 2020.

Colonial Pipeline

  1. Date: 7 May 2021
  2. Perpetrator: DarkSide
  3. Ransom Demanded: $5 million
  4. Ransom Paid: $4.4 million
  5. Attack: As mentioned by the Bloomberg investigation, the attack was said to be facilitated by a single VPN account password.

Multifactor authentication on all remote access services would have guarded against the successful attack vector used in this instance,

says Chris Sedgwick, director of security operations at Talion

Kaseya

  1. Date: 2 July 2021
  2. Perpetrator: REvil
  3. Ransom Demanded: $70 million
  4. Ransom Paid: None
  5. Attack: The vulnerabilities in Kaseya’s VSA were attacked.

Remote monitoring and management (RMM) software access should be restricted and not available over the internet,” advises Martin Riley, director of managed security services at Bridewell Consulting. “More focus needs to be given to the supply chain, with suppliers regularly reviewed to prevent outsourcing a security incident,

he adds

Ireland’s Health Service Executive (HSE)

Date: 14 May 2021

Perpetrator: Conti (Wizard Spider)

Ransom Demanded: $20 million

Ransom Paid: None

Attack: Malwares suggested by the Cyjax threat intelligence report are; TrickBot, IcedID, or BazarLoader, known to be executed through phishing attacks.

Businesses either pay a smaller amount upfront by investing properly in security or much more later dealing with the effects of an attack,

Gracey-McMinn warns

UK Umbrella Payroll

Dated: 22 September 2021

Tech contractors fume at lack of info as the company says it will 'try to get them paid by Friday.

As confirmed by the biz, the umbrella company, Giant Group, with thousands of contractors on its books had been targeted by a cyberattack flooring system and leaving the workers out in the cold.

This cyberattack shut down the whole network of Giant Pay as well as its IT infrastructure. According to reports from the workers, there were still some discrepancies left behind that were solved during the next week, all in all, this cyber attack left the company pretty shocked and vulnerable.

Cybersecurity; A topic worth considering

In the past years, the destructive potential of cyber ‘operations’ has been seen. Despite not being actively destructive, cyber subversion is a big threat to stability. It happens to be the most modern cyber threat to be faced by the states.

In the last 30 years, there have been several incidents becoming examples today of cyber espionage and sabotage. Correspondently they include: the attack of 2007 at Lockheed Martin where designs and systems were stolen; the attack on the Iranian nuclear facilities in 2010, and the cyberattacks including military action coordination in 2008 were the first in history, Russia’s operations.

Man scared of virus

Image Source – freepik.com

Cyber Subversion Is Effective?

Hacking and online propaganda deliberately attempting to undermine the authority of political leaders pose the greatest threat to the state.

Sabotage, subversion, and espionage have been conventional state strategies for thousands of years. For defeating your opponents, undermining their political system has always been a good tactic as well as taking out their key infrastructure, knowing their weaknesses.

Covid-19, age of corporate cyberattacks?

During the drastic times of the covid-19 pandemic, many organizations got used to working remotely, it was further compounded by the increasing cases of cyberattacks. These breaches were considerately kept under the covers by many companies, they seemed reluctant to share awareness of their failures.

In the said period, of the pandemic, the cyberattack rate was seen to have grown at a scale of 62% worldwide. Since businesses are willing to pay the ransom the incentive of the cybercriminals kept on growing.

According to a report, more than half of ransomware-affected victims in 2021 paid ransom to be able to access their information. Covid-19 brought in a more broadened perspective into view, the need for cyber security.

Cyber Protection

Providing complete visibility to devices: IOT, controllers, IP, medical devices, etc. Allowing companies to embrace IoT as a part of a new digital conversion of technology, these steps are to be taken to identify risks and cyberattacks.

These changes in the Covid-19 pandemic rose the evolution of “Start-Up Nation” further becoming “Scale-Up Nation”.

Conclusion

Improving our resilience also plays a key role in deterring cyber attacks as our adversaries will see that an attack against the UK is likely to be less effective and the perceived benefits will be reduced.

Taking UK’s cybersecurity to the next level is the optimal solution to facing the cyber threats face to face and being able to protect the state's technological superpower.

Tags: 
News
Author
Ozair Malik
A passionate Cyber Security researcher and writer with a keen interest in Digital Forensics. A community worker running a insta blog to raise cybersecurity awareness among laymen.

Leave a comment

click to select