UK politicians fear “catastrophic ransomware attack”

Britain’s Parliamentary committee warns that large swathes of UK critical national infrastructure are vulnerable to ransomware, and a coordinated attack has the potential to bring the country to its knees.

“There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking,” a report by the UK’s Joint Committee on the National Security Strategy reads.

According to the report, the most vulnerable sectors, such as healthcare and local government, are either relying on legacy IT systems or are cash-strapped. The “soft underbelly” of Britain's critical infrastructure is its supply chains.

The UK government has two months to respond to the parliamentary report, claiming that “a coordinated and targeted attack has the potential to take down large parts of UK critical national infrastructure and public services, causing severe damage to the economy and to everyday life in the UK.”

Russian-speaking actors have been identified as the primary source of most attributable ransomware attacks against UK targets. The Kremlin’s zero-sum-game, while disruptive, also provides revenue “to the Putin regime’s well-oiled network of corruption and criminality.”

Not all hackers from Russia are ideologically driven. For many, ransomware is simply an easy way to make large sums of money, with next to no chance of being caught or prosecuted.

The committee urges the government to strengthen the UK’s defenses and preparedness. They described the implementation of existing cyber resilience regulations as “poor.”

“If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,”

It also proposes regular national exercises to prepare for the impact of a major attack and higher funding for the National Cyber Security Centre (NCSC), with victims “currently receiving next-to-no support from law enforcement or Government agencies.”

“The National Crime Agency is locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge. The Government should invest significantly more resources in the NCA’s response to ransomware, enabling it to pursue a more aggressive approach to infiltrating and disrupting ransomware operators,” the report reads.

Ransomware is a form of malware designed to damage systems and steal data. Losses are often irreversible, even if organizations give in to the pressure to pay ransoms.

Although the UK has so far avoided a C1 attack – the highest categorization of attack severity used by Britain’s government – many cyberattacks have occurred recently. For example, the UK's Labour Party was likely hit by a ransomware attack, which resulted in data loss. The British Library confirmed that data had was leaked in a ransomware attack on October 28th. And the UK police had its data stolen by the Cl0p ransomware group.

The breach of the Health Service Executive (HSE) of Ireland in May 2021, when the Russian ransomware group Conti encrypted 80% of HSE’s systems, and the Colonial Pipeline attack, which shut down major oil pipelines in 17 US states, are recent examples of C1 attacks.