The scale and threat of Ransomware: UK Parliament Committee invites NCC Group’s Ollie Whitehouse to give evidence

This week, NCC Group’s Global CTO, Ollie Whitehouse was called as an expert witness to the UK Parliament Joint Committee on the National Security Strategy’s inquiry into ransomware.

The inquiry is the first major parliamentary review of the UK Government's approach to tackling ransomware for some time, and will be key to setting the policy agenda in the UK.

Specifically, the Inquiry has been brought about to explore the following topics:

• The ransomware threat landscape, vulnerability of UK organisations and victims’ experience;
• The effectiveness of the UK Government’s response and the role of public-private partnerships; and,
• Policy reforms that might enhance the UK’s response to ransomware, including the scope for global cooperation.

Ollie shares his thoughts on the key discussion points raised and takeaways for organisations:

Who is at risk?

Ransomware is a true game of 3D chess and as organisations have become more resilient and are able to recover more effectively, criminals have adapted their strategy – so, they not only encrypt data now, but they also extort by threatening to leak.

Any organisation is at risk of being targeted. Some groups gravitate towards larger firms and larger payouts. But we also see those at the other end of the spectrum – those that want smaller payouts and work based on volume.

Some organisations are less able to protect themselves or invest in cyber resilience due to their size or financial situation… And the UK currently does not have ‘universal healthcare’ for cyber to support them.

What can be done to combat the pervasive threat?

Assuring the integrity of supply chains should be prioritised recognising that our digital borders do not stop at our physical borders.

In other words, even if the UK was impervious to ransomware, our overseas suppliers would not be and therefore working with allies to ensure that there are sufficient levels of resilience across core markets should form part of the UK’s national response.

There is no silver bullet, just hard graft to develop the evidence base and the plan that will work in practice.

What do we need to see in the future?

We need to focus on encouraging organisations to consider cyber in the same way they consider health and safety. We should be working towards an open and engaged culture of cyber resilience, much like aviation has a culture of safety, where we share information and organisations that report incidents get credit rather than punishment.

Next steps

Once the evidence gathering phase is complete, the Committee will draft and publish a report with recommendations for the UK Government.

You can watch a recording of the session here

NCC Group’s Monthly Threat Pulse

Our Global Threat Intelligence team tracks ransomware activity by actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released.

By recording this data and classifying the victims by sector and region, we are able to derive insights into the most active threat groups, which industries are being targeted, where the victims are based and how these insights compare to previous months.

You can find our latest threat pulse here