In slightly terrifying news, the UK is said to be unprepared for a large-scale ransomware attack 'at any moment'.
That's according to a new report by UK Parliament's Joint Committee on the National Security Strategy (JCNSS), which suggests the country could be brought to a standstill unless major changes to planning and preparation are made.
It's all pretty damning, with the report accusing the UK Home Office of giving political priority to other issues.
It said the responsibility for tackling ransomware attacks should be taken off the Home Office and given to the Cabinet Office and overseen directly by the Deputy Prime Minister, Oliver Dowden.
Advert
The report said former UK home secretary Suella Braverman “showed no interest” in the issue and instead focused on things like illegal migration and small boats.
So what is a ransomware attack exactly? It's a type of cyber attack where hackers breach a system and lock access to data and files, demanding payment in order to release the files or stop them being leaked. It's what's been used in some of the biggest cyber attacks to date - you might remember the Wannacry attack on the NHS back in 2017 or another example often cited is Bad Rabbit.
The report warns that large amounts of the UK's critical national infrastructure is vulnerable to ransomware, because it uses outdated IT systems.
Advert
“The UK has the dubious distinction of being one of the world’s most cyber-attacked nations," said Dame Margaret Beckett, chairwoman of the JCNSS.
“It is clear to the committee that the Government’s investment in and response to this threat are not equally world-beating, leaving us exposed to catastrophic costs and destabilising political interference.
“In the likely event of a massive, catastrophic ransomware attack, the failure to rise to meet this challenge will rightly be seen as an inexcusable strategic failure."
She warned that the legislative framework around cyber attacks is outdated and the agencies tasked with responding to them are under-resourced.
Advert
The report said the government hadn't invested enough in safeguards to prevent a major crisis - even though agencies like the National Cyber Security Centre (NCSC) have already sounded the alarm on the dangers of ransomware, particularly from hacking groups linked to Russia, China and North Korea in particular.
And next year is definitely not the time the UK wants to fall foul of a ransomware attack, as a general election is likely to happen sometime in 2024. In fact, the report has called for a private briefing from the NCSC on preparations to protect the UK from cyber attack ahead of the election, with concerns over possible interference in the democratic process.
So what did the Government have to say after the report came out?
Advert
A spokesman said: “We welcome the JCNSS’s report and will publish a full response in due course.
“The UK is well prepared to respond to cyber threats and has taken robust action to improve our cyber defences, investing £2.6 billion under our Cyber Security Strategy and rolling out the first ever Government-backed minimum standards for cyber security through the NCSC’s Cyber Essentials scheme.
“We have also, this year, sanctioned 18 criminals responsible for spreading a prolific ransomware strain, taken down a piece of malware that infected 700,000 computers, and led on an unprecedented international statement denouncing ransom payments, signed by 46 nations."