A former UK cybersecurity chief has raised concerns that ransomware incidents are on the verge of “spiraling out of control”. Ciaran Martin has also called for legislation to prevent people from paying bitcoin to cyber criminals.
Former Official Claims Most cyber criminals are based in Russia
During an interview with The Guardian, Martin, the director of the National Cyber Security Center (NCSC), pointed out that insurance companies indirectly fund organized crimes in ransomware incidents.
Martin believes corporate insurance claims from ransomware attacks help keep the criminal circuit alive. In addition, the former cybersecurity officer explains that national health systems could be affected by such attacks during the pandemic:
I see this as so avoidable. Right now, companies have incentives to pay ransom to make sure all of this is gone. You need to think seriously about changing the insurance law to ban these payments, or at least a full consultation with the industry.
The former NCSC official says the problem lies in the lack of legal obstacles preventing companies from paying ransom.
The Guardian quotes him as saying that most of the threat actors come from Russia and some other former Soviet states. “People pay bitcoin to criminals and ask for cash back,” added Martin.
Paying ransom to cyber gangs is not prohibited under UK law
While UK law strictly forbids ransom payments to terrorists, the rule does not apply to cyber criminals. The report includes the following statement:
UK extortion laws forbid paying ransom to terrorists and were largely drafted in response to the threat of kidnapping. However, cyber attacks are not carried out by terrorist groups, so paying ransom demands is not an obstacle – and it is possible to make an insurance claim if no personal data was involved.
According to a report shared with news.Bitcoin.com, malware lab Emsisoft said 2020 was another “banner year for cybercriminals” in ransomware incidents in the US.
A study by blockchain analytics firm Chainalysis also found that cryptocurrency-related crime has decreased significantly. The criminal share of all crypto activities fell to just 0.34% in 2020.
What do you think of the former intelligence official’s concerns? Let us know in the comments below.
Photo credit: Shutterstock, Pixabay, Wiki Commons