Businesses are being urged not to pay cyber extortionists as authorities say they are seeing evidence of rising ransomware payments.
In a joint letter to the Law Society, the National Cyber Security Center (NCSC) and the Information Commissioner’s Office are warning solicitors who may have advised their clients to pay.
Earlier this year, cyber security agencies from the UK, US and Australia issued a joint warning about “a growing wave of increasingly sophisticated ransomware attacks” that could have “devastating consequences.”
The joint letter said that while ransomware payments “are not usually unlawful,” those paying them “should be mindful of how relevant the sanctions regimes (especially those related to Russia) are” when considering whether to make a payment.
In December 2019, the US imposed sanctions prohibiting financial transactions with a Russian cybercriminal group accused of cooperating with Russian intelligence to steal classified government documents. A ransom paid to a sanctioned entity, even unknowingly, can expose the payer and any intermediary to liability under those regimes.
WHAT IS RANSOMWARE?
Ransomware is a type of malicious software (malware) that attackers deploy on a victim’s computer network to encrypt files and render devices unusable.
In today’s ransomware attacks, the criminals demand that the victim pay a large sum, often in bitcoin and sometimes running to millions of pounds, in exchange for a decryption key that makes the files readable again.
But the criminal ecosystem behind these attacks, made up of sophisticated networks of individuals who each specialise in a role, has developed a multi-layered extortion model: attackers first steal sensitive files and then threaten to publish them online, so that they retain leverage even when victims are able to restore their files from backups the ransomware did not reach, or simply refuse to pay.
If published, these files, which may describe confidential business transactions or contain customer information, could damage the victim company’s reputation, affect its stock price, or potentially lead to a class action lawsuit, consequences the criminals count on to make their extortion work.
But as the UK’s National Cyber Security Center warns: “Even if you pay the ransom, there’s no guarantee you’ll get access to your computer or files.”
Despite Russia’s war in Ukraine having spilled into cyberspace, in one case knocking some 5,800 wind turbines in Germany offline, the NCSC says it has detected no increase in hostile activity targeting Britain during the conflict.
However, businesses have been warned that there is an increased threat level when it comes to cyber attacks due to the conflict, which is likely to be here “for a long time”.
NCSC Chief Executive Lindy Cameron said: “Ransomware remains the biggest online threat to the UK and we do not encourage or condone ransom demands from criminal organisations.
“Unfortunately, we have recently seen an increase in payments to criminal extortionists and the legal sector has an important role to play in reversing this trend.
“Cyber security is a collective effort and we are calling on the legal sector to work with us as we continue our efforts to tackle ransomware and keep the UK safe online.”
Mrs. Cameron previously warned that ransomware gangs pose a “severe challenge” to law enforcement, as “the criminals responsible often operate beyond our borders and are increasingly successful in their efforts.”
“We expect ransomware to remain an attractive avenue for criminals as long as organizations remain vulnerable and continue to pay,” she said at the time.
While the case has been made for criminalising ransom payments, doing so would create additional risks of its own, such as handing criminals a further lever with which to extort their victims, who would then face both the attack and the threat of prosecution.
John Edwards, the Information Commissioner, added: “Engaging with cybercriminals and paying a ransom only encourages other criminals and does not ensure that compromised files will be released.
“This certainly does not reduce the scale or type of enforcement action from the ICO or the risk to individuals affected by the attack,” he added, responding to speculation that some lawyers had told their clients that paying criminals would be seen as a step to protect user data.
“We have seen that cybercrime has cost British firms billions over the past five years,” the commissioner said.
“The answer must be vigilance, proper cyber hygiene, including keeping adequate backups of files and properly training staff to detect and stop attacks.
“Organizations will get more credit from these settlements than from paying criminals.
“I want to work with the legal profession and the NCSC to make sure companies understand how we will handle cases and how they can take practical steps to protect themselves in a way that we will see in our response if the worst happens.”