G7 leaders confirmed their commitment to urgently tackling ransomware on Sunday, as a senior British security chief will warn today that cyber-criminals represent a more significant threat than state-sponsored espionage.
The Carbis Bay communique, published after a three-day summit of world leaders in Cornwall, singled Russia out by name — urging Vladimir Putin to “identify, disrupt and hold to account” cyber-criminals operating from the country.
“We commit to work together to urgently address the escalating shared threat from criminal ransomware networks,” it added. “We call on all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions.”
Lindy Cameron, CEO of GCHQ offshoot the National Cyber Security Centre (NCSC), will reportedly tell an audience today that Britain’s failure to tackle ransomware is “far more worrying” than the “malicious strategic threat” of state-backed online espionage.
She will reportedly add that, in a dangerous development, the ransomware-as-a-service (RaaS) model has democratized the ability to launch attacks and that such raids are “often enabled and facilitated by states acting with impunity.”
Hostile states such as Russia are long thought to have tolerated cybercrime groups operating from within their borders, as long as attacks are targeted at organizations in rival nations.
Despite the rhetoric, the lines between financially motivated cybercrime and nation-state activity are, in fact, increasingly blurring.
An HP report from April claimed that governments now routinely buy exploits and hacking tools from the cybercrime underground and often recruit criminal operators to help with specific stages of threat campaigns.