The Joint Committee on the National Strategic Security warned that such attacks could "take down large parts" of the UK's critical national infrastructure, and urged Parliament to set aside more resources to combat the issue, especially in "cash-strapped" sectors such as healthcare and local government.
"There is a high risk that the Government will face a catastrophic ransomware attack at any moment," the report stated, "and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security."
According to the committee's findings, the majority of the ransomware attacks against the UK in the past have been from "Russian-speaking perpetrators." While some have committed the crimes with approval from the Kremlin itself, others did it "as an easy way to make large sums of money, with next-to-no chance of being caught or prosecuted."
The report pointed out that while the government's National Cybersecurity Centre has worked on beefing up the UK's "resilience," more needed to be done to protect sectors that still rely on "legacy IT systems" that are more easily targeted by criminals.
Until such action is taken, the committee argued, "a coordinated and targeted attack has the potential to take down large parts of UK CNI and public services, causing severe damage to the economy and to everyday life in the UK."
As the Guardian reports, a ransomware attack in 2022 targeted the National Health Service and gave the perpetrators access to patient data. A number of local governments also fell victim and were locked out of their systems for nearly three weeks at a cost of over £10 million.
