This year’s NCSC’s flagship event, CYBERUK 2021, returned after a one-year COVID-19 induced hiatus, albeit in a virtual format via a dedicated YouTube channel. Ministerial addresses at the event from both the Foreign Secretary and Home Secretary warned of the daily threat posed by malicious actors in cyberspace, particularly through ransomware attacks. We consider their comments and the geopolitical issues they raise.
In her speech to CYBERUK, the Home Secretary Priti Patel outlined the U.K. Government’s position on ransomware payments: ‘Paying a ransom in response to a ransomware [attack] does not guarantee a successful outcome, it will not protect a network from future attacks, nor will it prevent the possibility of future data leaks. In fact, paying a ransom is likely to encourage criminality to continue with this approach.’ Dominic Raab, in his opening speech of the second day focused on ransomware attacks targeting the education sector as well as referring to the “clash of values [that]… is playing out today between the countries that want to protect and preserve a system based on open and outward-looking societies, and those promoting an authoritarian international system”. He also mentioned the British Government’s aspiration to “create a cyberspace that is free, open, peaceful and secure”.
Priti Patel’s speech fell short of calling for a ban on ransomware payments, instead focusing on alternative responses, including reporting attacks to the NCSC. Ransom payments, however, remain the elephant in the room and the British Government is not alone in looking at ways to dissuade the victims of ransomware attacks from paying up. Some, including Ciaran Martin, former CEO of NCSC have publicly advocated the banning of ransom payments as a means to discourage a growing criminal industry. Others have argued that this is not practical, including Anne Neuberger, US Deputy National Security Advisor, who said over the weekend that it was for companies to decide whether they pay or not. In another development which exemplifies the quandary about paying ransoms, the French insurance group AXA revealed that they were the victim of a ransomware attack only days after they had stated they would no longer issue cyber insurance policies in France that pay out extortionate ransoms to hackers.
Ransomware attacks have grown dramatically during the pandemic. They can have an impact beyond the immediate victim, as exemplified by the attack on Colonial Pipeline in the United States: last week saw long queues at gas stations on the US East Coast as one very public consequence. In the wake of that attack, the White House responded that individual companies are responsible for managing their own cyber security, not the government. This may be an indication that governments, in seeking ways to get tougher on the drivers that have allowed ransomware to flourish, are likely to have not just the criminals in their sights.
For more information on the rise of ransomware, check out our whitepaper on the subject here or contact us today at firstname.lastname@example.org or on +44 (0) 203 872 9000.