The National Cyber Security Centre (NCSC) said it tackled a record number of cyber incidents in the UK over the last year, with ransomware attacks originating from Russia dominating its activities.
The cybersecurity agency said it had helped deal with a 7.5% increase in cases in the year to August, fuelled by the surge of criminal hackers seizing control of corporate data and demanding payment in cryptocurrency for its return.
Paul Chichester, director of operations, said that “ransomware has certainly dominated a significant portion of year” and that the hacking epidemic had become “global as a story in the last 12 months”.
Criminal hackers, based in Russia or in nearby Russian speaking territories, successfully targeted organisations such as the London borough of Hackney and the celebrity jeweller Graff in the UK in the past year.
In May, in the US, oil and gas supplier Colonial Pipeline suspended operations after a ransomware attack left it unable to access key data. It eventually paid $5m (£3.7m) to the hackers to regain control of its systems.
Central government and the UK public sector do not pay cyber ransoms, although fixing the damage can take months. Rebuilding Hackney’s affected systems cost around £10m, with some of the costs met by central government.
However, NCSC officials said they had no power to prevent the payment of ransoms – often around £1m a time – by businesses to hackers, even though doing so ensured the criminal activity continued.
“We would say we would prefer people not to pay because that’s what keeps the UK safest collectively,” said Lindy Cameron, the director of the organisation, who acknowledged that commercial pressures meant some businesses felt they had little choice to meet the hackers’ demands for money.
British ministers and officials have considered banning cyber ransom payments, but it is understood that is unlikely to be implemented, partly because of concern it would discourage businesses from reporting attacks.
Many companies are able to claim on their cyber insurance, although once hackers have access to a corporate system they can seek the insurance policy to work out how much the company is able to pay.
Last month the head UK spy agency GCHQ, NCSC’s parent organisation, disclosed that the number of ransomware attacks on British institutions has doubled in the past year. The impact on the British economy is estimated to run into the hundreds of millions of pounds, mostly stemming from the costs of immobilising businesses.
Dan Sabbagh Defence and security editor