UK tackles record cyber incidents as Russian ransomware attacks increase
National Cyber Security Centre says cyberattacks at record high and urges businesses not to pay up
The National Cyber Security Centre (NCSC) said it tackled a record number of cyber incidents in the UK over the last year, with ransomware attacks originating from Russia dominating its activities.
The cybersecurity agency said it had helped deal with a 7.5% increase in cases in the year to August, fuelled by the surge of criminal hackers seizing control of corporate data and demanding payment in cryptocurrency for its return.
Paul Chichester, director of operations, said that “ransomware has certainly dominated a significant portion of year” and that the hacking epidemic had become “global as a story in the last 12 months”.
Criminal hackers, based in Russia or in nearby Russian speaking territories, successfully targeted organisations such as the London borough of Hackney and the celebrity jeweller Graff in the UK in the past year.
In May, in the US, oil and gas supplier Colonial Pipeline suspended operations after a ransomware attack left it unable to access key data. It eventually paid $5m (£3.7m) to the hackers to regain control of its systems.
Central government and the UK public sector do not pay cyber ransoms, although fixing the damage can take months. Rebuilding Hackney’s affected systems cost around £10m, with some of the costs met by central government.
However, NCSC officials said they had no power to prevent the payment of ransoms – often around £1m a time – by businesses to hackers, even though doing so ensured the criminal activity continued.
“We would say we would prefer people not to pay because that’s what keeps the UK safest collectively,” said Lindy Cameron, the director of the organisation, who acknowledged that commercial pressures meant some businesses felt they had little choice to meet the hackers’ demands for money.
British ministers and officials have considered banning cyber ransom payments, but it is understood that is unlikely to be implemented, partly because of concern it would discourage businesses from reporting attacks.
Many companies are able to claim on their cyber insurance, although once hackers have access to a corporate system they can seek the insurance policy to work out how much the company is able to pay.
Last month the head UK spy agency GCHQ, NCSC’s parent organisation, disclosed that the number of ransomware attacks on British institutions has doubled in the past year. The impact on the British economy is estimated to run into the hundreds of millions of pounds, mostly stemming from the costs of immobilising businesses.
The cybersecurity agency said it had helped deal with a 7.5% increase in cases in the year to August, fuelled by the surge of criminal hackers seizing control of corporate data and demanding payment in cryptocurrency for its return.
Paul Chichester, director of operations, said that “ransomware has certainly dominated a significant portion of year” and that the hacking epidemic had become “global as a story in the last 12 months”.
Criminal hackers, based in Russia or in nearby Russian speaking territories, successfully targeted organisations such as the London borough of Hackney and the celebrity jeweller Graff in the UK in the past year.
In May, in the US, oil and gas supplier Colonial Pipeline suspended operations after a ransomware attack left it unable to access key data. It eventually paid $5m (£3.7m) to the hackers to regain control of its systems.
Central government and the UK public sector do not pay cyber ransoms, although fixing the damage can take months. Rebuilding Hackney’s affected systems cost around £10m, with some of the costs met by central government.
However, NCSC officials said they had no power to prevent the payment of ransoms – often around £1m a time – by businesses to hackers, even though doing so ensured the criminal activity continued.
“We would say we would prefer people not to pay because that’s what keeps the UK safest collectively,” said Lindy Cameron, the director of the organisation, who acknowledged that commercial pressures meant some businesses felt they had little choice to meet the hackers’ demands for money.
British ministers and officials have considered banning cyber ransom payments, but it is understood that is unlikely to be implemented, partly because of concern it would discourage businesses from reporting attacks.
Many companies are able to claim on their cyber insurance, although once hackers have access to a corporate system they can seek the insurance policy to work out how much the company is able to pay.
Last month the head UK spy agency GCHQ, NCSC’s parent organisation, disclosed that the number of ransomware attacks on British institutions has doubled in the past year. The impact on the British economy is estimated to run into the hundreds of millions of pounds, mostly stemming from the costs of immobilising businesses.
AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.
