The NCSC also carried out threat-hunting to shut down security risks connected with devices running the NHS COVID-19 contact tracing app. In July 2020, the UK accused Russian hackers (the Cozy Bear group) of attempting to steal information related to the UK’s vaccine research through cyber espionage. They have also observed the ongoing threat of other state-backed groups targeting the vaccine research, development and delivery roll-out.
The NCSC also commented on the increase in ransomware attacks and the threat they pose to governments, businesses, customers and individuals. They handled more than three times as many ransomware incidents as in the previous year, including an attack on Redcar and Cleveland Council which caused considerable damage and disruption.
Attacks have recently become more targeted and aggressive in nature. They have appeared inside schools, colleges, universities and sports bodies. An English Football club suffered a ransomware attack which crippled its corporate and security systems and took control of the CCTV and turnstiles at the ground which nearly resulted in the cancellation of a game.
Historically, ransomware was all about locking people out of their data until the criminals are paid to give access back. Things have changed recently where individual victims are now being threatened with being exposed and embarrassed online if they fail to comply. This is done by personal, private and sensitive data being used and there is a real fear that this issue is massively under-reported because of the shame and embarrassment felt by the victims. There are many stories of these crimes being carried out where sensitive work emails or financial data or health secrets are used as bargaining chips to get victims to pay up. This can extend to scenarios where images and videos of a private sexual nature are being threatened with release. In extreme situations this has already resulted in suicides. These threats really work, even when victims have backed up their data, because the threat of data being released is greater than the threat of losing access to it.
One crumb of comfort from the NCSC comes in a concluding statement:
“Compared to some other countries, the UK did not appear as heavily targeted because British victims were less likely to pay the attackers”.