UK cyber and crime agencies have highlighted an increase in ransomware, data theft and extortion attacks as a rapidly evolving cyber crime ecosystem takes advantage of weak online security.


The National Cyber Security Centre (NCSC) and National Crime Agency (NCA) published a white paper this week, detailing the tactics of organised criminal groups in launching ransomware, data theft and extortion attacks and the security vulnerabilities that allow them to succeed. In this blog post we summarise the key takeaways and recommendations.

The cyber crime ecosystem

As businesses have progressed in planning for and responding to cyber attacks, ransomware groups have evolved and adapted to survive and maximise profits. Ransomware and extortion attacks have evolved into elaborate business models with multiple enabling services, platforms, distributors, and affiliates involved in the process.

The development of “Ransomware as a Service” means that cyber criminals no longer need extensive computing knowledge and technical skills because they can easily access software and tools to carry out attacks.

Cryptocurrency has made it easier for criminals to obtain payment and harder for them to be traced. International cooperation is required to pursue cyber criminals but not all countries are on board. The NCA’s National Strategic Assessment 2023 noted that “Russian-language criminals operating ransomware as a service continue to be responsible for most high profile cyber crime attacks against the UK”.

The attacks

Ransomware is the biggest development in cyber crime in the last 6 years. In a ransomware attack, cyber criminals encrypt data and files on the victim’s systems and demand a payment to unlock them.

Increasingly, cyber criminals are also stealing and threatening to publish sensitive data to extort payments – either as part of a ransomware attack or as a standalone attack.

There has been an increase in high-profile attacks in the UK in recent years. Critical care services provided by local authorities and various educational institutions have been compromised and ransomware will continue to be a significant threat to UK individuals, businesses, and organisations.

Impact on victims

Ransomware attacks can be devastating for organisations – affecting every aspect of their operations and disrupting their relationships with customers or the public. Recovery is often lengthy and costly.

Theft of sensitive data exposes the organisation to financial loss, reputational damage, regulatory fines and penalties, compensation claims, and potential further criminality such as fraud.

Data protection authorities (such as the Information Commissioner’s Office in the UK) can enforce penalties for failure to adequately protect personal data regardless of whether the stolen personal data is published. Depending on the severity of the breach and other factors, fines could in theory reach up to £17.5m or 4% of annual global turnover, whichever is higher.

Security vulnerabilities and how to fix them

The vast majority of ransomware attacks are not targeted at particular sectors or caused by sophisticated attack techniques. They are often simply opportunistic or the consequence of poor cyber hygiene, e.g. unpatched devices or weak passwords. Implementing the measures set out in the NCSC guide to ransomware would interrupt the majority of attacks.

How can we help?

With organisations operating in a trust economy, earning and protecting consumer trust has never been more important. With the largest cyber and data privacy team in Scotland, Burness Paull’s specialist lawyers provide a full range of legal services in relation to cyber security, from resilience building and compliance management to urgent legal support as part of breach response, regulatory reporting and engagement and the management of consequential legal claims by affected data subjects.

If your organisation is victim to a cyber incident, or you want to take proactive steps to build cyber resilience, our team of experts can assist. Get in touch to find out how we can help.

To find out more about the trust economy, read our thought leadership paper exploring some of the key themes here.
