Russia responsible for most devastating ransomware attacks - UK cyber chief
Ransomware attacks pose the most immediate danger to UK businesses, the head of countries' National Cyber Security Centre (NCSC), Lindy Cameron, has warned.
Cybercriminals from Russia and its neighbors are behind the largest extortion attacks aimed at UK businesses, Cameron said. According to NCSC's chief, the assessment comes from NCSC and the National Crime Agency (NCA).
"We – along with the NCA – assess that cybercriminals based in Russia and neighboring countries are responsible for most of the devastating ransomware attacks against UK targets," Cameron said during a speech to the Chatham House think tank.
The Head of NCSC added that cybercriminals are increasingly successful and pose a global challenge for nations in ensuring that no place becomes a safe haven.
"We – along with the NCA – assess that cybercriminals based in Russia and neighboring countries are responsible for most of the devastating ransomware attacks against UK targets."-Lindy Cameron
"Ransomware presents the most immediate danger to UK businesses and most other organizations, from FTSE 100 companies to schools; from critical national infrastructure to local councils," Cameron said.
Last week, Ukrainian police announced they had arrested a 25-year-old man who hacked more than 100 foreign companies and caused damage worth more than $150 million. According to the authorities, the victims included world-famous energy and tourism companies.
Even though it is not the first time Russia has been mentioned among the top culprits behind the cybercrime epidemic plaguing the world, it is one of the first times the UK explicitly named Russia responsible for successful ransomware attacks.
It's hardly a secret that many prominent cyber cartels often operate from Russian territory. On May 7, the Colonial Pipeline facility in Pelham, Alabama. Its operators were forced to shut down their systems, causing fuel shortages in the American Southeast.
The culprit behind the attack was the Darkside ransomware cartel, known to operate in Russia. Darkside cartel was also behind a recent attack against a US farm service provider New Cooperative Inc. A meat supplier JBS was REvil, the same month.
Last December, against SolarWinds was discovered, with the Russia-linked APT29 cyber espionage group (aka Cozy Bear) named as the perpetrator.
Year in turmoil
Cyberattacks are increasing in scale, sophistication, and scope. In 2020, ransomware payments reached over $400 million, more than four times the level of 2019. This year will likely set another record benchmark for ransomware cartels globally.
A recent IBM report shows that an average data breach costs victims $4.24 million per incident, the highest in the 17 years. For example, the average cost stood at $3.86 million per incident last year, putting recent results at a 10% increase.
Some ransomware groups went dark for a while, after carrying out major attacks. A cool-off period is likely meant to regroup, and recent developments show that cybercrime cartels are waking up and will likely be on the prowl for the next major extortion scheme.
More from CyberNews
Subscribe to our newsletter