0

CNI ‘vulnerable to ransomware’ | Professional Security | #ransomware | #cybercrime

[ad_1]


Large swathes of UK critical national infrastructure (CNI) remain vulnerable to ransomware, particularly in sectors still relying on legacy IT, a committee of parliamentarians reports.

The Joint Committee on the National Security Strategy, of peers and MPs to consider the National Security Strategy, points to ‘particular concerns about cash-strapped sectors such as health and local government’ in a report about ransomware and UK national security, titled ‘A hostage to fortune‘.

It opens vividly with a February 2020 example of Redcar and Cleveland Borough Council that ‘suffered a “catastrophic” ransomware attack’ that left it without telephones, email or computers; not even records or documents. The council refused to pay the ransom; recovery took eight and a half months.

The report states that having ‘exploded’ in 2021, the ransomware threat is still as severe as it has ever been, and the UK is one of the most targeted countries. “A mature and complex ecosystem has evolved, involving an increasingly sophisticated threat actor; ransomware is also now marketed as a service, which can be purchased by the uninvolved e.g. criminal gangs, making it more widely available to those who wish to inflict harm for profit. Past attacks have shown that ransomware can cause severe disruption to the delivery of core Government services, including healthcare and child protection, as well as ongoing economic losses. The majority of ransomware attacks against the UK are from Russian-speaking perpetrators, and the Russian Government’s tacit (or even explicit) approval of this activity is consistent with the Kremlin’s disruptive, zero-sum-game approach to the West. This is not a straightforward state threat, however. For many Russian hackers, ransomware is simply an easy way to make large sums of money, with next-to-no chance of being caught or prosecuted. The Government and the National Cyber Security Centre (NCSC) have focused their counter-ransomware efforts predominantly on resilience.

“Supply chains are also particularly vulnerable and have been described by the NCA [National Crime Agency] as the ‘soft underbelly’ of CNI. As a result of these vulnerabilities, a coordinated and targeted attack has the potential to take down large parts of UK CNI and public services, causing severe damage to the economy and to everyday life in the UK. Given the poor implementation of existing cyber resilience regulations, the Government should scope the feasibility of establishing a cross-sector regulator on CNI cyber resilience. As part of the National Exercise Programme, it should also hold regular national exercises to prepare for the impact of a major national ransomware attack affecting multiple CNI sectors, engaging CNI operators to stress-test their response and ensure a swift recovery. In addition, the NCSC should be funded to establish an enhanced and dedicated local authority resilience programme, including intensive support for local exercising and on securing council supply chains.”

You can read the report on the UK Parliament website.

Comment

Mike Newman, CEO of My1Login called it a damning report on the Government that highlights potentially devastating failings in the UK’s cyber defences.

 “The report highlights that not enough is being done to protect our critical national infrastructure, which could result in criminals cutting off essential supplies or causing massive financial damage. Nation state attacks are becoming more frequent, so the chances of an adversary targeting the UK to cause societal damage are highly likely. The government must work to improve its defences.

 “The report also discusses cybersecurity concerns around the NHS, which echo the findings of recent research by My1Login. Our team recently discovered that only a handful of NHS Trusts hold a dedicated cybersecurity budget and very few have security teams that are larger than one or two members of staff. The research also highlighted that most NHS staff only staff undertake less than two-hours security training annually, but given that most ransomware attacks are executed through phishing, this is an issue that must be remediated immediately.

 “We don’t want another WannaCry on our hands again any time soon.”

Background

To quote from the UK strategic policing requirement, revised as of February 2023, sectors of the Critical National Infrastructure include: chemicals, civil nuclear communications, defence, emergency services, energy, finance, food, government, health, space, transport and water. A ‘national cyber event’ that covers cyber-attacks across the CNI is listed as one of seven ‘national threats’; the others are violence against women and girls, terrorism, serious and organised crime (SOC, which includes fraud and drug crime), child sexual abuse, public order and civil emergencies.

[ad_2]

Source link

National Cyber Security

FREE
VIEW