Ransomware gangs are plundering companies in Viking like raids, say Britain’s former top cyber spy. Ciaran Martin, the former chief executive of Britain’s National Cyber Security Centre, said: “We should start from the presumption that large scale transfers of wealth to Russian hackers should not be allowed.”
He adds that paying ransoms rarely acts as a “magic switch” to restore blocked services anyway.
Cybercriminals may leave malware in the system and come back again in a 21st century version of Danegeld, the extortion racket run by Viking raiders.
That was precisely the scenario faced by Sweden’s Coop supermarket chain last weekend as it was forced to shut 800 stores after being targeted by the REvil cyber-crime group.
Kaseya, the Florida-based software provider that was initially compromised by hackers, thereby exposing its customers, later revealed that between 800 and 1,500 organisations may have been affected, including 11 schools as far away as New Zealand.
The hackers have demanded $70m to release the digitally padlocked data.
Such ransomware attacks are becoming increasingly common, costly and disruptive as we plug new and often poorly secured devices into the internet at a reckless rate. Our collective vulnerability has swelled during the Covid-19 pandemic as we have lived our lives online and worked from less-secure remote locations.
Last year, the number of ransomware attacks increased by more than 60 per cent to 305m as hackers sought to exploit these new opportunities, according to SonicWall, a security company.
But technology vendors and users must also do far more to improve basic cyber hygiene. The vast majority of attacks use fairly basic hacking techniques, such as scam “phishing” emails.
These profit from simple vulnerabilities stemming from the poor design and use of legacy systems, often called technical debt by software developers.
In that sense, cyber experts are right to describe ransomware groups as “technical debt collectors”. warns Emily Taylor, chief executive of Oxford Information Labs, a cyber policy centre.
“Unless we collectively pay off that debt by constantly improving our computer systems we will always remain at risk, “We are in a collective hallucination that cyber security is different from every other type of security. Ultimately, it comes down to people and processes,” she says.