The head of the National Cyber Security Centre has warned that a major cyber-attack is a matter of “when, not if”.
Ciaran Martin said the UK has so far avoided a category one attack, defined as an attack that might cripple infrastructure. During an hour-long interview with the Guardian, Martin said he anticipated such an attack in the next two years.
“I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack.
Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date.
What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn’t pan out in the way the attackers wanted to.”
The last major attack was the WannaCry ransomware that crippled NHS, this was a category two attack. Similarities were spotted between this cyber-attack and code used by a group with links to the North Korean government say Kaspersky and Symantec.
The companies said that technical details within an early version of the WannaCry code are similar to code used by the government-linked North Korean hackers, Lazarus Group.
The attack that hit the NHS brought to light a global ransomware infection, hitting 75,000 computers in 99 countries, demanding ransom payments in 20 languages.
Ransomware is computer malware that installs covertly on a victim’s device that either mounts the cryptoviral extortion attack from cryptovirology that holds the victim’s data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim’s data, until a ransom is paid.