Data on the sex lives of almost 10,000 people was stolen from a British government department in one of the ransomware attacks that hit Westminster in the first half of this year.
It is not clear which department the information was stolen from, or why the government held the data, defined by the Information Commissioner’s Office (ICO) as “any data about a person’s sex life that is not specifically linked to their orientation or state of health,” potentially including the use of dating and period tracking apps.
According to the latest tranche of security incident trends data released by the ICO, there were 10 ransomware attacks against central government in the first six months of this year, double the total number of successful attacks against Whitehall departments since records began in 2019.
A sharp increase in incidents can be seen in several sectors. As reported by Recorded Future News, data previously released by the ICO shows that ransomware attacks reached record levels in 2022, with criminals compromising the data of at least 5.3 million people across more than 700 organizations.
But in the first half of 2023 alone, ransomware criminals have already compromised 667 organizations in the UK – just over 94% of the 706 affected last year – suggesting that efforts to tackle the criminal ecosystem are not proving effective.
The government has not responded to Recorded Future News as to why it holds data on sex lives. A Home Office spokesperson said: “Ransomware is the most significant threat to national cybersecurity facing the UK today. Defending the UK against ransomware attacks and reducing their impact on victims is a top priority for this government.”
This data supports comments from UK Security Minister Tom Tugendhat, who warned in September: “The UK is a prime target for cybercriminals. Their attempts to close hospitals, schools and businesses have disrupted people’s lives and cost taxpayers millions. Unfortunately, we have seen an increase in attacks.”
Even in the first six months of this year, ransomware attacks have already broken records across several critical sectors in the UK. Central and local authorities reported more incidents in the first half of the year than in the previous three years.
Dozens of countries have recently joined efforts to tackle the business model behind financially motivated cyberattacks on government systems by signing a commitment as part of the Counter Ransomware Initiative to never pay extortion fees in the event of an attack targeting “relevant institutions under the authority of our national government.”
At the time, Tugendhat said the commitment was “an important step in our efforts to dismantle highly organized and sophisticated cybercriminals, and sets a new global standard that will help disrupt their business models and deter them from targeting our country.”
Responding to Recorded Future News about this article, a Home Office spokesperson cited this commitment as well as “sanctions against 18 Russian cybercriminals” as demonstrations of the government’s response to the criminal ecosystem.
“We will continue to use every lever at the government’s disposal to counter this heinous crime and hold these criminal actors accountable,” they added.
Data from the first half of this year, which reveals a record number of incidents affecting the public sector, does not cover the period when the commitment was active. However, even then, the commitment would not prevent payments from private sector organizations, which, according to ICO data, constitute the bulk of victims in the criminal ecosystem.
Nearly every industry included in the ICO data is expected to experience a record number of ransomware attacks in 2023. Some, including finance and credit, utilities, and technology and telecommunications, have already surpassed that mark.
The 87 attacks on the education and childcare sector resulted in 14 incidents in which data on up to 156,000 children was stolen, including one incident affecting between 1,000 and 10,000 children during which sexual orientation data was compromised by hackers.
Since 2019, there have been 19 incidents in which data on children’s sexual orientation was stolen from sector organisations.
Previously speaking to Recorded Future News, Jamie MacColl, a researcher at the Royal United Services Institute (RUSI) – whose work includes a research project on the harms of ransomware and the experiences of victims – said: “We have collected very little evidence that stolen or leaked personal data… is being systematically exploited by ransomware threat actors or other cybercriminals.
“However, this is not to say that there are not incidents where highly sensitive information about individuals has been published or sent to them to increase pressure. … During our research, we also heard of cases where ransomware threat actors targeted schools and then sent save data stolen to parents to increase pressure on schools to pay.”
In 2020, ransomware incidents accounted for 20% of all cyber incidents, before rising to 28% the following year. The share continued to rise, to 34% in 2022, and as of the first half of this year ransomware accounts for nearly two in five incidents.
Establishing the true scale of ransomware incidents is a challenge for officials trying to figure out how to solve the problem. Victims are not required to report attacks to law enforcement, and darknet extortion sites only provide a partial count of victims who refused to pay.
ICO data is collected under UK data protection laws, which require companies to report personal data breaches to the regulator or risk being fined up to 4% of the organization’s global turnover if they do not report.
No company has ever received such a fine, and the data set necessarily only covers ransomware incidents involving a personal data breach, meaning an attack involving server-level encryption might not require reporting.
Earlier this year, the National Cyber Security Centre and the ICO also published a joint blog post saying they were “increasingly concerned” that ransomware victims were hiding incidents from law enforcement and regulators.
Despite the limitations of the ICO data, experts including RUSI’s MacColl told Recorded Future News that it is “probably the most comprehensive public dataset on the frequency of ransomware attacks in the United Kingdom.”