Councils face intensified ransomware threat

Written by Colin Marrs on 11 November 2015 in News

Groups behind ransomware campaigns are set to concentrate their attention on local government in 2016, according to a report by security experts.

The 2016 Threats Predictions report by cybersecurity firm McAfee Labs said that such attacks, which are already happening, are set to grow significantly next year.

Ransomware is malware which prevents users from accessing their systems or data and demands money for the victim to regain access.

Christiaan Beek, director of threat intelligence, malware operations, at McAfee Labs, said: “The groups behind most current ransomware campaigns are going for ‘fast cash,’ by using spam campaigns and exploit kits such as Angler, and targeting wealthy countries in which people can afford to pay the ransom.

“While we expect this to continue in 2016, we also foresee a new focus on industry sectors including financials and local government, which will quickly pay ransoms to restore their critical operations.”

Related content

Isis hacking reports 'mistaken', says council
Sophos State of the Nation: An inside view of current IT security policy and future changes in local government and police

Beek said that, usually, only Microsoft Office, Adobe PDF and graphics files are targets, but that the range of file extensions targeted is expected to grow.

In addition, attacks will start targeting Mac OSX due to its growing popularity.

McAfee Labs also said that the motivations of hackers are becoming increasingly unclear following the Ashley Madison hack, where an unknown group released user data from the extra-marital dating site.

The report said the attack “does not sound like a high-minded, clearly defined political or social action, which is a cornerstone of a true hacktivist attack.”

Last year, a group claiming to be Anonymous executed a series of cyberattacks on Canadian police, court, and government institutions last year.

Anonymous denied involvement, saying that they would not condone some of the actions taken by the attackers. The incident remains unexplained.

Raj Samani, vice President, chief technical officer for Intel Security in Europe, the Middle East, and Africa at McAfee Labs’ parent company Intel, said: “It is possible that these actions and others like them are the work of chaotic actors—those who just want to see things burn.

“If that is true, then we may be entering a world of vandalism at an industrial scale.”

However, he said that the motivation also be classic cybercrime using hacktivism as a mask, or even “false flag” operations aimed at discrediting Anomymous.

Share this page



Please login to post a comment or register for a free account.

Related Articles

Home secretary admits sending multiple documents to personal email
1 November 2022

Braverman reveals six occasions on which guidelines were breached – but claims no information on law enforcement, security or cyber issues was sent

Government does ‘not expect public-service disruption’ over UKCloud insolvency
28 October 2022

Public sector hosting provider has suspended itself from frameworks after being placed in compulsory liquidation

Government to study ‘key vulnerabilities’ of cloud sector and estimate national cost of outages
26 October 2022

Research will consider potential impact of system failure on the country’s finances and way of life

Home secretary Braverman leaves post after sending official document via personal email
20 October 2022

Use of personal accounts – which came under scrutiny during the pandemic – is a contravention of government guidelines