Councils face intensified ransomware threat

Written by Colin Marrs on 11 November 2015 in News

Groups behind ransomware campaigns are set to concentrate their attention on local government in 2016, according to a report by security experts.

The 2016 Threats Predictions report by cybersecurity firm McAfee Labs said that such attacks, which are already happening, are set to grow significantly next year.

Ransomware is malware which prevents users from accessing their systems or data and demands money for the victim to regain access.

Christiaan Beek, director of threat intelligence, malware operations, at McAfee Labs, said: “The groups behind most current ransomware campaigns are going for ‘fast cash,’ by using spam campaigns and exploit kits such as Angler, and targeting wealthy countries in which people can afford to pay the ransom.

“While we expect this to continue in 2016, we also foresee a new focus on industry sectors including financials and local government, which will quickly pay ransoms to restore their critical operations.”

Related content

Isis hacking reports 'mistaken', says council
Sophos State of the Nation: An inside view of current IT security policy and future changes in local government and police

Beek said that, usually, only Microsoft Office, Adobe PDF and graphics files are targets, but that the range of file extensions targeted is expected to grow.

In addition, attacks will start targeting Mac OSX due to its growing popularity.

McAfee Labs also said that the motivations of hackers are becoming increasingly unclear following the Ashley Madison hack, where an unknown group released user data from the extra-marital dating site.

The report said the attack “does not sound like a high-minded, clearly defined political or social action, which is a cornerstone of a true hacktivist attack.”

Last year, a group claiming to be Anonymous executed a series of cyberattacks on Canadian police, court, and government institutions last year.

Anonymous denied involvement, saying that they would not condone some of the actions taken by the attackers. The incident remains unexplained.

Raj Samani, vice President, chief technical officer for Intel Security in Europe, the Middle East, and Africa at McAfee Labs’ parent company Intel, said: “It is possible that these actions and others like them are the work of chaotic actors—those who just want to see things burn.

“If that is true, then we may be entering a world of vandalism at an industrial scale.”

However, he said that the motivation also be classic cybercrime using hacktivism as a mask, or even “false flag” operations aimed at discrediting Anomymous.

Share this page



Please login to post a comment or register for a free account.

Related Articles

EXCL: Wall of silence surrounds plan for nationwide collection of citizens’ internet records
26 May 2022

Online notice reveals controversial trials are to be expanded into a national service – about which government, law enforcement, watchdogs and all the UK’s major ISPs declined to answer questions...

NHS Covid Pass set to be phased out within nine months
6 July 2022

Government is considering ‘transition options’ ahead of planned closure of programme for vaccination certification

Government seeks data and analysis leader for post-Brexit trade unit
5 July 2022

Cabinet Office-based team offers potential six-figure salary for cross-government role

Government urged to commit to devolution to drive innovation and levelling-up
29 June 2022

Think tank report identifies benefits of city mayors, but finds many local officials are frustrated with current interactions with Whitehall