Businesses urged not to give in to ransomware cybercriminals as authorities see surge in payments | Scientific and technical news

Businesses urged not to pay cyber extortionists as authorities claim to have evidence of increased ransomware payments.

In a joint letter to the Law Society, the National Cyber ​​Security Center (NCSC) and the Office of the Information Commissioner are warning lawyers who may have advised their clients to pay.

It follows cybersecurity experts from the UK, US and Australia earlier this year Attention of a “growing wave of increasingly sophisticated ransomware attacks” that could have “devastating consequences”.

The joint letter states that while ransomware payments are “not exceptionally illegal”, those who pay them “should be mindful of the relevance of sanctions regimes (especially those related to Russia)” when considering making the payment.

The United States sanctioned in December 2019 any financial transaction with a Russian cybercrime group accused of having work with Russian intelligence to steal classified government documents.

WHAT IS RANSOMWARE?

Ransomware is a type of malware (malicious software) that attackers can deploy on a victim’s computer network to encrypt their files and render their devices inoperable.

With modern ransomware attacks, criminals then extort the victim to pay huge sums of money, often in Bitcoin and sometimes worth millions of pounds, to decrypt their files and make them accessible again.

But the criminal system involved – made up of skilled networks of individuals who specialize in their particular roles – has developed a multi-faceted model of extortion that involves stealing sensitive files and threatening to post them online in case victims might recover their files from unencrypted backups, or simply refuse to pay.

If released, these files, which may relate to sensitive business transactions or may include customer information, could damage the reputation of the victimized business, impact its stock price or even potentially lead to a class action lawsuit, all of the potential impacts pointed out by the criminals as part of their extortion scheme.

But as the UK’s National Cyber ​​Security Center warns: “Even if you pay the ransom, there is no guarantee that you will gain access to your computer or files. »

Despite the fallout from the Russian war in Ukraine – in one case disconnect 5,800 wind turbines in Germany – the NCSC claims to have detected no increase in hostile activity targeting Britain during the conflict.

The companies have, however, been warned that there is an increased level of threat from cyberattacks due to the conflict which is likely to be here ‘for the long haul’.

Image:
Lindy Cameron is the head of the UK’s National Cyber ​​Security Centre. Photo: NCSC

NCSC chief executive Lindy Cameron said: “Ransomware remains the biggest online threat to the UK and we do not encourage or condone the payment of ransom demands to criminal organisations.

“Unfortunately, we have seen a recent increase in payments to ransomware criminals and the legal industry has a vital role to play in helping reverse this trend.

“Cybersecurity is a collective effort and we urge the legal industry to work with us as we continue our efforts to fight ransomware and keep the UK safe online. »

Mrs Cameron previously warned that the challenge that ransomware gangs posed to law enforcement was “acute” as “criminals responsible often operate beyond our borders, increasingly successful in their efforts”.

“We expect ransomware to continue to be an attractive avenue for criminals as long as organizations remain vulnerable and continue to pay,” she said at the time.

Although there have been arguments in favor of criminalizing the payment of ransoms, this poses a number of additional risks, such as providing criminals with an additional factor that they could use to extort their victims.

John Edwards described Facebook as
Image:
John Edwards is the UK Information Commissioner

John Edwards, the Information Commissioner, added: “Engaging with cybercriminals and paying ransoms only incentivizes other criminals and will not guarantee that compromised files will be disclosed.

“It certainly does not reduce the scale or type of ICO enforcement action or the risk to those affected by an attack,” he added, responding to suggestions that some lawyers have told their customers that paying the criminals would be considered a gesture. to protect user data.

“We have seen cybercrime cost UK businesses billions over the last five years,” the commissioner said.

“The answer to this must be vigilance, good cyber hygiene, including keeping proper backup files, and proper staff training to identify and stop attacks.

“The organizations will get more credit from these arrangements than by paying the criminals.

“I want to work with the legal profession and the NCSC to ensure companies understand how we will review cases and how they can take practical steps to protect themselves in a way that we will recognize in our response should the worst happen. . »

Leave a Comment