British spy chief and GCHQ director Jeremy Fleming has warned businesses that the scale and severity of ransomware is growing at an alarming rate as cyber criminals look to exploit poor cybersecurity to maximise profit.
Fleming, who just so happens to have the same surname as James Bond creator Ian, has issued the alert in the wake of new working practices triggered by the Covid pandemic, with many firms even more reliant on remote services and online collaboration platforms.
While the increased use of digital technology has provided workers with many benefits, it is also playing into the hands of cyber gangs.
Delivering this year’s Imperial College Vincent Briscoe Annual Security Lecture, Fleming said: “Our reliance on technology to stay close to loved ones, enable different ways of working and access crucial services has dramatically increased. Most of this has been to our benefit. But it’s benefited our foes too as they exploit the accelerations in connectivity and poor cybersecurity.”
He also warned that hostile nation states are looking to exploit digital tech to conduct cyberattacks – including attempts to steal coronavirus research and exploit supply chains with malware and phishing attacks.
But cyber-criminal gangs also represent a major threat and Fleming warned that ransomware in particular poses a cybersecurity danger for organisations of all kinds.
He added: “We’ve seen ransomware become a serious threat, both in terms of scale and severity. Increasingly, it targets crucial providers of public services, as well as businesses, as criminals play on our dependence on tech.”
The rise in remote working has provided cyber criminals with additional avenues to gain access to networks as they exploit remote desktop services and VPNs, often secured with common or default passwords, while the nature of remote work means it is more difficult for information security teams to differentiate legitimate behaviour from potentially suspicious activity.
That has triggered a rise in ransomware attacks against organisations in all sectors – and the attacks remain successful because there is a significant percentage of victims who will pay the ransom of millions in order to retrieve their files.
“It has resulted in serious disruptions to education, health and local authorities, caused huge losses for unprepared businesses and has rapidly become a significant threat to our supply chains,” said Fleming. “There’s a whole other lecture here about the need for concerted action to address this trend – but for now, all I’d say is that it’s growing at an alarming rate.”
Related stories
UK firms issued red alert as Microsoft hack escalates
Gold diggers: cyber criminals driven by the filthy lucra
Hack attack fears push UK cyber security to over £8bn
Data breaches, not rogues, are ICO Public Enemy No. 1
Maasdam busters: Netherlands is EU cybercrime capital
Half of UK firms would pay ransom to avoid GDPR fine
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks