Critical Infrastructure Security , Cybercrime , Cyberwarfare / Nation-State Attacks
UK Plans for Enhanced Cybersecurity Role
Joint Effort with US to Maintain a Black List of Hackers Among Plan ProposalsThe U.K. says it plans to turn the country into a global leader in cybersecurity, in partnership with the U.S, to counter threats ranging from ransomware to critical infrastructure attacks, according to a report by U.K. newspaper the Telegraph.
See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation
Dominic Raab, the U.K.'s foreign secretary, told the paper that the government is currently developing a number of steps in a joint effort with the U.S. Some of the steps mulled under the proposed plan will include maintaining a black list of hackers and other malicious actors, initiating measures to sanction the entities, and adopting "more offensive means of disabling" threat actors' infrastructure, according to the report.
On Wednesday, the U.K. government also announced that both the U.S. and U.K. will revised the Atlantic Charter signed by the two nations to address cybersecurity challenges and to "work on tackling online crime and illicit finance."
Recent Incidents
The announcement from the U.K. comes in the wake of rising ransomware threats including to universities, schools and other organizations in the country.
In April, the University of Hertfordshire ransomware incident crippled its IT infrastructure and severely affected online classes. Prior to that 15 schools that are part of the Nova Education Trust and the network of the Harris Federation, which runs 50 primary schools and secondary academies in and around London, were compromised in a suspected REvil ransomware attack.
A June report by the U.K.'s National Cyber Security Centre warned that ransomware actors continue to target schools and universities across the country, with the threat actors leveraging vulnerabilities in virtual private networks, unpatched software and devices and by using phishing emails to target their victims (see: NCSC Warns of Surge in Ransomware Attacks Against Schools ).
Recent Joint Action
Owing to rise in various cyberthreats globally, the call for leading a unified effort to tackle cybercrime has grown internationally. Earlier this week, Jake Sullivan, Joe Biden’s national security adviser said that cybersecurity and understanding the role of cryptocurrency in cyberattacks must be a priority for Group of 7 or G7 countries. The Telegraph reported that the US president Joe Biden is believed to be pushing for cyber defense to be included in the joint communique that the G7 leaders will issue on Sunday.
Sullivan's comments come against the backdrop of a recent surge in high-profile ransomware attacks that saw hackers demanding millions of dollars in ransoms from victims such as JBS and Colonial Pipeline in cryptocurrencies.
Recent take-downs of multiple cybercrime rings have highlighted how unified efforts by law enforcement agencies can help in tackling various cyberthreats. On Friday, the U.S. Justice Department, along with law-enforcement agencies across Europe successfully shut down and seized the infrastructure of Slilpp cybercrime marketplace, which sold stolen credentials related to bank accounts and other payment mechanisms. The platform is believed to have sold data worth over $200 million in the U.S. alone (see: DOJ Shut Down Slilpp Marketplace for Stolen Credentials).
Earlier this month, it was revealed that the activities of thousands of global cybercriminals had been tracked by the FBI, along with Europol and other law enforcement agencies in Europe. They had been tricked into using a fake encrypted communications platform called Anom, which was developed by the FBI and used as a honeypot to monitor every message and image sent using the service (see: Encrypted Communications Network 'Anom' Was Sting Operation).