Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Fraud Management & Cybercrime

Ciaran Martin Warns 2023 Will See Increased High-Profile Attacks

Ciaran Martin, Oxford University professor and former NCSC CEO (Image: ISMG)

Ransomware continues to be the United Kingdom’s most prominent cybersecurity threat, and the country can expect to see a surge in destructive attacks in 2023, warns the former head of the UK’s national cybersecurity agency.

Ciaran Martin, now an Oxford University professor, says while overall ransomware activities across the world slumped in 2022, attacks are likely to surge in the coming months. He adds that recent hacks against The Guardian newspaper and the British Royal Mail are an example of these early-stage attacks.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

Martin, who was the U.K. National Cyber Security Centre’s CEO until 2020, points out one of the contributing factors behind the success of ransomware continues to be that most criminal groups operate out of Russia, which he says is a “safe haven” for the crooks to “operate with impunity.”

“Cyber criminals thrive in weaker states, they don’t thrive in France, in the United States or Canada,” Martin tells Information Security Media Group during the Cyberthreat UK conference this week. “So, for the foreseeable future, I think this region is likely to be a source of significant cyber.”

The 23% decline in ransomware attacks in 2022, which is based on a SonicWall report, is likely tied to disruption caused by the ongoing war in Ukraine and Russia, with most ransomware operators in the region being forced to flee or join as conscripts in the state security service, he says.

“In 2023, the early signs, sadly, are that there’s a bit more of it around,” he says. “So, I think we can expect a few more high-profile cases, especially against organizations in the West.”

This analysis is also supported by the European Union Agency for Cybersecurity, which in its November 2022 threat report warned of increased targeted attacks against critical infrastructure in Western and NATO countries, especially by ransomware-wielding, pro-Russian state-backed hackers in retaliation for supporting Ukraine (see: More State-Sponsored OT Hacking To Come, Says ENISA).

In a December 2022 report, security firm Palo Alto Networks revealed that a hacking group believed to be tied to Russia targeted a large petroleum refining company based inside a NATO country during the early stages of the war in Ukraine (see: Russian Hackers Targeted Oil Refinery Firm in NATO Country).

Martin adds that the prevalence of weak corporate networks across the Western nations and the success of the current ransomware models, as most victims chose to pay the ransom, are two enablers for ransomware growth.

“The notion that it is just easier to pay the ransom is a pro-criminal narrative,” he says. “The fact is, victims have more agency than they think they do and what they don’t realize is that the cost of recovery is most the time cheaper than paying out ransom,” Martin says pointing out to the anecdote of the Harris School Federation in London which recovered its files for $600,000, as opposed to the ransomware hackers’ initial demand of $4 million.

He adds that implementing a national-level policy dissuading potential ransomware victims from paying the ransom remains a challenge that continues to elude policy-makers.

“Twenty years ago, British government took a very difficult decision to outlaw payment of ransoms to terrorists who kidnap. It led to some really difficult decisions, but ultimately it worked as fewer British nationals were kidnapped,” Martin says. “What strikes me is that whilst there are significant challenges with implementing a ban on ransom, we haven’t actually done the work to see if we can overcome that ban.”


Click Here For The Original Source.

National Cyber Security