UK Government stepping up efforts to combat rising tide of ransomware attacks

UK NCSC labels ransomware a national security risk after responding to 63 ‘nationally significant’ attacks last year.

Ransomware is continuing to pose one of the most significant cybersecurity threats to businesses in the UK, the National Cyber Security Centre (NCSC) states in its Annual Review 2022. Given the potential impact on critical national infrastructure and essential services, NCSC classifies ransomware threats a national security risk.

Lindy Cameron, CEO NCSC.

“Ransomware remains the most acute threat that businesses and organizations in the UK face. These attacks have genuine real-world consequences and are a reminder to all organizations of the importance of taking the important mitigation measures set out in our guidance,” said Lindy Cameron, CEO NCSC.

Last year, the NCSC got hundreds of reports of cyber incidents and responded to 63 that were “nationally significant” to require a response. The NCSC also coordinated the national response to 18 ransomware attacks, including the attacks on an IT supplier to NHS 111 and South Staffordshire Water.

Russian-speaking hackers

According to the review, which reflects on events between September 1, 2021, and August 31, 2022, these cyber incidents included a range of malicious cyber activity such as ransomware, reconnaissance, malware and network intrusions, data exfiltration and disruption of services and systems.

Most of the ransomware criminal groups that target the UK continue to be based in Russian-speaking countries. Many threats came also from China, Iran and North Korea. The type of threats varied widely, some included;

  • cyber-enabled espionage – unauthorised access or transfer of secret, classified or sensitive information to gain advantage over rivals;
  • destructive cyber capabilities – using tools such as wiper malware to damage IT systems or institutions;
  • cyber-enabled theft to further strategic advantage or domestic control, for example of Intellectual Property or personal data of citizens;
  • hack and leak – stealing and publishing sensitive or restricted information to embarrass states or institutions or to undermine social cohesion.

China on the rise

The biggest development in the cybersecurity threat landscape last year was Russia’s invasion of Ukraine and the use of cyber operations around it. However, “China’s technical development and evolution is likely to be the single biggest factor affecting the UK’s cybersecurity in the years to come”, the review stated.

“These actions are used to target the local and national governments of other states and their critical national infrastructure, institutions and internal political processes. In the coming years, with the proliferation of commercially available capabilities, the NCSC anticipates a wider number of states possessing the ability to pose threats to the UK’s cybersecurity.”

New advisory board

Oliver Dowden, Chair NCAB. Photo:

The UK Government is working hard to make the UK one of the safest places to live and work online. Recently, the Government convened the new National Cyber Advisory Board (NCAB) for its first meeting, bringing expertise together to set an agenda to protect and promote the UK’s interests in the digital world, including counter cyber threats.

The NCAB meeting comes from the aftermath of new official figures from the Office for National Statistics (ONS) which reveal that there have been 2.7m cyber-related frauds to individuals and businesses in the 12 months to March 2022. Making the UK one of the most target nations.

“We have seen how cyber attacks are increasing, putting the UK and our businesses and services on the frontline of global threats.”

Oliver Dowden, Chair of the Board and Chancellor of the Duchy of Lancaster

“Protecting and promoting the UK’s interests in cyber space cannot be achieved in isolation, it must be a shared endeavour between government and all parts of the economy and society,” said Oliver Dowden, Chair of the Board and Chancellor of the Duchy of Lancaster.

Leading cyber nation

The board will be working towards building the UK’s cyber future and aims to make the country a leading and democratic cyber power by 2030. The work is part of the UK’s National Cyber Strategy, which is backed by £2.6bn ($3bn).

“We have seen how cyberattacks are increasing, putting the UK and our businesses and services on the frontline of global threats. That’s why this new National Cyber Advisory Board is so important, bringing leaders from across industry, the third sector and academia to share information and expertise on how to build and protect our digital economy and services”, added Dowden.

“The digital world is ever changing and businesses and the Government must continue to adapt, innovate and invest in order to protect ourselves, the public, and our data – that’s why we need everyone around the table through the Board working together to help keep individuals and businesses safe online”, said Sharon Barber, Co-chair and Chief Information Officer at Lloyds Banking Group.

The new advisory board will work closely with the Government’s National Cyber Security Centre. It will also launch a new ‘Cyber Aware’ campaign this month together with the City of London Police, which aims to reduce the risk of cyber fraud in the run-up to Christmas.