Ransomware Is Growing At An Alarming Rate, Warns GCHQ Chief
The scale and severity of ransomware is growing at an alarming rate as cyber criminals look to exploit poor cybersecurity to maximise profit, the director of GCHQ has warned.
Organisations and their employees have been forced to adapt to different ways of working over the last year, with many now even more reliant on remote services and online collaboration platforms.
But while the increased use of digital technology has provided people with many benefits, it is also benefiting cyber criminals who are able to exploit it for their own gain.
"Our reliance on technology to stay close to loved ones, enable different ways of working and access crucial services has dramatically increased. Most of this has been to our benefit. But it's benefited our foes too as they exploit the accelerations in connectivity and poor cybersecurity," said Jeremy Fleming, director of GCHQ, the UK's intelligence and cyber agency.
Delivering this year's Imperial College Vincent Briscoe Annual Security Lecture, Fleming warned how hostile nation-states are looking to exploit the digital realm to conduct cyber attacks – including attempts to steal coronavirus research and exploit supply chains with malware and phishing attacks.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
But cyber criminal gangs also represent a major threat and Fleming warned that ransomware in particular represents a cybersecurity danger for organisations of all kinds.
"We've seen ransomware become a serious threat, both in terms of scale and severity. Increasingly, it targets crucial providers of public services, as well as businesses, as criminals play on our dependence on tech," he said.
Ransomware attacks involve cyber criminal groups infiltrating networks and locking files and servers with encryption then demanding a ransom of millions of dollars – often in Bitcoin – for the decryption key to return the files.
The rise in remote working has provided cyber criminals with additional avenues to gain initial access to networks as they exploit remote desktop services and VPNs, often secured with common or default passwords, while the nature of remote work means it's more difficult for information security teams to differentiate legitimate behaviour from potentially suspicious activity.
That's led to a rise in ransomware attacks against organisations in all sectors – and the attacks remain successful because there's a significant percentage of victims who'll pay the ransom of millions in order to retrieve their files.
"It has resulted in serious disruptions to education, health and local authorities, caused huge losses for unprepared businesses and has rapidly become a significant threat to our supply chains," said Fleming
"There's a whole other lecture here about the need for concerted action to address this trend – but for now, all I'd say is that it's growing at an alarming rate".
While ransomware is a growing threat to organisations, there are cybersecurity procedures which can help make networks more reliant against attacks.
They include avoiding the use of default login credentials while also adding two-factor authentication to help secure user accounts.
Organisations should also apply security patches and updates as soon as possible after they're released, to stop cyber criminals being able to exploit known vulnerabilities as part of attacks.
MORE ON CYBERSECURITY
- This company was hit by ransomware. Here's what they did next, and why they didn't pay up
- How to protect your organization's remote endpoints against ransomware
- Ransomware gangs now have industrial targets in their sights. That raises the stakes for everyone
- FBI and European law enforcement shut down VPN used by ransomware groups
- This company was hit by ransomware. Here's what they did next, and why they didn't pay up
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more