UK must improve cyber risk management in face of catastrophic threats

The UK is at high risk of a “catastrophic ransomware attack” according to a hard-hitting new parliamentary report, which recommends vastly improved risk management.

“If the UK is to avoid being held hostage to fortune and avoid electoral interference, it is vital that ransomware becomes a more pressing political priority, and that further substantial resource be devoted to tackling this pernicious threat to the UKs national security,” according to the report, by the Joint Committee on the National Security Strategy (JCNSS).

Such an attack would wipe out 1.6% of the nation’s gross domestic product and add £29 billion ($36 billion) to government borrowing, a 2022 report from the Office for Budget Responsibility found.

According to the JCNSS, the UK is the second-most ransomware-targeted country, after the US. The majority of this malicious software comes from Russian-speaking perpetrators, it added.

The report also says that the UK’s regulatory frameworks are insufficient and outdated, and warns that large swathes of critical national infrastructure remain vulnerable to ransomware because they rely on legacy IT systems.

It added that a large scale cyber-attack “bring the country to a standstill” because of poor planning and a lack of investment, warning that the UK could face a crippling cyber-attack on its critical national infrastructure (CNI) at any moment. 

The National Cyber Security Centre (NCSC) describes the CNI as national assets that are essential for the functioning of society, including energy supply, water supply, transportation, health and telecommunications.

The report said the government was failing to invest sufficiently to prevent large-scale cyber-attacks and criticised the Home Office, which claims the lead on ransomware as a policy issue, and former home secretary Suella Braverman, for failing to make the issue a priority.

It adds that there has been a failure to sufficiently invest in safeguards to prevent a major crisis, despite government agencies like the National Cyber Security Centre (NCSC) warning about ransomware attacks, particularly from groups linked to Moscow, Beijing and Pyongyang.

Future ransomware attacks could pose “a threat to physical security or safety of human life” the report said, if cyber-attackers manage to sabotage CNI operations. The report also warned that “cyber-physical systems” could be intercepted, including hackers taking control of the steering and throttle of a shipping vessel .