Lindy Cameron, the head of the National Cyber Security Centre, said during her opening keynote speech at Chatham House’s cyber conference there had been several major cyber incidents over the past year - including one which Britain and America attributed to hackers working on behalf of China.
Ransomware can affect all
She referenced the well-known Solar Winds and Colonial Pipeline attacks, as well as one on Ireland’s Health Service and Hackney Council.
"Ransomware presents the most immediate danger to UK businesses and most other organisations, from FTSE 100 companies to schools; from critical national infrastructure to local councils,” explained Cameron.
She added that the challenge the ransomware criminal gangs posed in terms of law enforcement is "acute" as those responsible often operate beyond our borders, are increasingly successful in their endeavours and pose a global challenge.
Paying up ‘emboldens’ criminals
She also said it was expected that ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay.
She went on: "We have been clear that paying ransoms emboldens these criminal groups - and it also does not guarantee your data will be returned intact, or indeed returned at all."
Private spyware groups
Ms Cameron also made the first statement from anyone attached to the British government to directly reference the threat posed by private spyware companies such as the NSO Group.
The Israeli hacking business was accused of assisting despotic regimes in targeting journalists, political dissidents, and human rights activists. NSO Group responded that its spyware was only used by governments to hack the mobile phones of terrorists and serious criminals.
But a series of rulings in the High Court published last week found that Dubai's ruler had used the software to spy on his ex-wife and her lawyers during a legal battle over their children.
Ms Cameron mentioned NSO Group's Pegasus spyware, noting that, "reportedly, customers of NSO Group had marked tens of thousands of global telephone numbers as potential targets. This demonstrated something we have raised a red flag about before – the commercial market for sophisticated cyber exploitation products”.
"We need to avoid a marketplace for vulnerabilities and exploits developing that makes us all less safe," Ms Cameron added.