Credit: rawpixel.com/PxHere/Keith Hall//Clker-Free-Vector-Images/Pixabay/CC BY 2.0

A cabinet minister has warned that ransomware poses a threat to national security and implored all victims of attacks to report them to authorities.

Speaking at the Cyber UK event in Newport last week, chancellor of the Duchy of Lancaster Steve Barclay described ransomware attacks as “the greatest cyber threat to the UK – [and] one now deemed severe enough to pose a national security threat”.

He claimed that, in 2020, the estimated cost to the UK economy of ransomware breaches was “a minimum of £615m”. 

“But the number of incidents – and indeed their economic cost to the UK – is likely to be much higher [than estimated],” the minister added. “Law-enforcement teams believe that most attacks go unreported: perhaps through embarrassment or a reluctance to admit that money has indeed changed hands. So, I would encourage any organisation that suffers an attack to come forward, [and] report it to Action Fraud who run our 24/7 cyber reporting line. By doing so, you will help us to strengthen our individual and collective resilience as we learn from each other.”

Barclay, whose ministerial role sits at the head of the Cabinet Office, told attendees about a recent attack that had been detected by experts at the National Crime Agency.

“The agency alerted a public-sector organisation to an ongoing breach of its systems,” he said. “Within hours, the NCA had identified the compromised services and located the exfiltrated data, which it later managed to take down; so that no personal information got out. What we learned is that our controls quickly spotted the incident and our reaction was swift. And we were then able to share useful evidence with industries so they can learn and prepare for similar attacks.”

Related content

• Departments to undergo independent audits of cyber resilience
• UK calls out Russia for ‘despicable’ cyberattacks on vaccine efforts
• ICO examining ‘serious cybersecurity incident’ at FCDO

Barclay’s warning came shortly after the UK, the US and the EU formally attributed to Russia a series of destructive cyberattacks launched before and since the invasion of Ukraine. Chief among these was an attack on communications firm Viasat that coincided with the military invasion and, according to the government, affected individual and business internet users throughout Europe – including some energy companies.

“In the run-up to the Ukraine invasion, Russia unleashed deliberate and malicious attacks against Ukraine,” Barclay told delegates of the event, which is held annually by the National Cyber Security Centre. “The Ukrainian financial sector was targeted by distributed denial of service attacks that took websites offline. With the UK government declaring the Russian Main Intelligence Directorate, the GRU, as being involved. Since then, evolving intelligence about Moscow exploring options for cyberattacks prompted last month’s joint advisory from the UK and our Five Eyes allies – that Russia’s invasion of Ukraine could expose organisations within and beyond the region to increased malicious cyber activity. Some UK citizens have already felt the impact of cyberattacks.”

Six months on from the government’s publication of a nationwide strategy for cybersecurity, the minister concluded with an assertion that meeting the ongoing threat posed by Russia – and cyber risks more widely – requires “a whole-of-society response”.

“This is at the heart of the National Cyber Strategy, treating the cyber domain as no longer being a niche concern simply for the IT team – but as a wide-ranging grand initiative,” he said. “Being a responsible, durable, effective cyber power cannot be achieved by government alone. So, we want to work with industry, universities, schools and individual citizens.”