UK government woefully unprepared for 'catastrophic' ransomware attack

The UK has failed to address the threat posed by ransomware, leaving the country at the mercy of a catastrophic ransomware attack that the Joint Committee on National Security Strategy (JCNSS) yesterday warned could occur "at any moment."

The Parliamentary select committee reached this conclusion in a scathing report released December 13 that accused the government of failing to take ransomware seriously, and of providing "next-to-no support" to victims of ransomware attacks.

"There is a high risk that the government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking," the report concluded. "There will be no excuse for this approach when a major crisis occurs, and it will rightly be seen as a strategic failure."

Recent examples of ransomware infections at UK government institutions and critical private infrastructure are not hard to find.

Manchester Police, Royal Mail and the British Library have all fallen victim to ransomware attacks since September 2023.

In July 2023, the Barts Health NHS Trust hospital group was hit by the BlackCat ransomware gang. The NHS had already been taught a lesson about the vicious power of ransomware in 2017 when multiple Brit hospitals stopped taking new patients, other than in emergencies, after being hobbled by WannaCry.

Third-party providers of NHS software systems have been hit as well, taking systems offline and forcing care providers to revert to pen and paper.

In short, the situation with ransomware in the UK is already bad, and the JCNSS has predicted things will likely get worse.

"The UK has the dubious distinction of being one of the world's most cyber-attacked nations, lamented Dame Margaret Beckett, JCNSS chair. "The Government's investment in and response to this threat are not equally world-beating."

The Home Office, meanwhile, is busy chasing boats

The report calls out the Home Office and former home secretary Suella Braverman for "showing no interest" in ransomware, instead giving "clear political priority … to other issues, such as illegal migration and small boats."

Illegal migration is undoubtedly a significant policy challenge, the JCNSS concedes, "but there is a risk that ransomware is relentlessly deprioritized."

• Ransomware attacks register record speeds thanks to success of infosec industry
• US officials close to persuading allies to not pay off ransomware crooks
• Ransomware more efficient than ever, and baddies are still after your logs
• BYOD should stand for bring your own disaster, according to Microsoft ransomware data

One of the primary recommendations made by the JCNSS report is to reassign responsibility for ransomware from the Home Office to the Cabinet Office where it can be overseen by the deputy prime minister in partnership with the National Cyber Security Centre and National Crime Agency.

A new regulatory framework for addressing cyber crime is also needed, the report suggests, as the UK’s Computer Misuse Act (CMA) was introduced before the arrival of the internet.

Some of the other 27 recommendations in the report include setting up a central reporting mechanism for ransomware, and determining whether UK organizations should have an obligation to report ransomware attacks. Increased funding the NCSC and NCA to help victims negotiate with ransomware actors, recover and remediate future threats, is another recommendation.

Even King Charles gets a mention – and criticism for failing to mention CMA reform in his (government written) speech at November's opening of Parliament.

"If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK's national security," Beckett warned. ®