Cybercrime: Business

Home Office written question – answered on 16th September 2020.

Alert me about debates like this

Photo of Lord Mendelsohn Lord Mendelsohn Labour

To ask Her Majesty's Government what plans they have to protect British companies targeted by cyber ransom attacks.

Photo of Lord Mendelsohn Lord Mendelsohn Labour

To ask Her Majesty's Government what assessment they have made of research by Emsisoft showing that the amount paid by British companies in ransom to cybercriminals in 2019 was over £200 million.

Photo of Lord Mendelsohn Lord Mendelsohn Labour

To ask Her Majesty's Government what is their estimate of the amount paid by British companies to cybercriminals as a result of cyber ransom attacks in (1) 2018, and (2) 2019.

Photo of Lord Mendelsohn Lord Mendelsohn Labour

To ask Her Majesty's Government what meetings they have held with the insurance industry about the growth in cyber ransom attacks against British businesses; and what assessment they have made of the extent to which insurers are encouraging their clients to pay ransoms.

Photo of Lord Mendelsohn Lord Mendelsohn Labour

To ask Her Majesty's Government what assessment they have made of the extent to which British companies are paying ransoms to cyber criminals in order to regain access to their data; and what guidance they have made available to support businesses in such circumstances.

Photo of Baroness Williams of Trafford Baroness Williams of Trafford The Minister of State, Home Department

The Government continues to see a significant increase in the scale and severity of malicious cyber activity globally. This is why the National Cyber Security Strategy 2016-2021 is supported by £1.9billion of transformational investment. Part of GCHQ, the National Cyber Security Centre (NCSC), is at the heart of this strategy. The Centre provides a single, central body for cyber security at a national level, and has helped over a million organisations become more secure.

Ransomware attacks are increasingly common globally, the Government continues to provide support to British businesses and organisations to try to mitigate the threat. The NCSC continually reviews its advice and guidance to reflect new trends and how companies can protect themselves, as well as providing swift support to organisations which fall victim to ransomware. Additionally, the National Crime Agency’s National Cyber Crime Unit (NCCU) provides the focus for our national response to combating serious cyber criminals. It is using its increased operational resources to deliver arrests and disruption, using the NCA’s enhanced intelligence picture to target criminals where they are most vulnerable. Our priority working alongside the police and the National Cyber Security Centre (NCSC) is to do all we can to mitigate any harm to the UK.

The legal decision of whether or not to pay the ransom is ultimately a matter for the individuals or organisations concerned. We encourage victims of ransom demands to contact the authorities for support. Organisations are increasingly being targeted by ransomware attacks rather than individuals; this is because criminals can demand more money, and victims are more likely to pay due to reputational damage and desire to maintain the viability of their business for the future.

Information Commissioner’s Office (ICO) statistics indicate that in the last financial year for 2019/20 there were 160 recorded ransomware-related breaches, accounting for 6.8% of all cyber-related breaches. The Government currently does not hold any official data on the total cost of ransomware demands.

Does this answer the above question?

Yes1 person thinks so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.