Seven Russian nationals have been sanctioned by the UK and US for their links to the development and deployment of ransomware as part of the government’s crackdown on cybercriminals.
The Foreign, Commonwealth and Development Office (FCDO) said the seven individuals were subject to asset freezes and travel bans due to their links to ransomware strains that had been used to attack UK infrastructure and others internationally.
Ransomware is a form of cyber attack that locks files and data on a user’s computer and demands payment to return them to the owner. Ransomware has been used as part of a number of high-profile cyberattacks in recent years, including the attack on the NHS in 2017.
The FCDO said recent victims of this type of cybercrime included UK schools and local authorities, while the National Crime Agency (NCA) had identified 149 UK victims affected by ransomware strains linked to the sanctioned individuals and was responsible for liberating at least an estimated £27 million.
“By punishing these cybercriminals, we are sending a clear signal to them and others involved in ransomware that they will be held accountable,” said Secretary of State James Cleverly.
“These cynical cyberattacks are causing real damage to people’s lives and livelihoods.
“We will always put our national security first by protecting the UK and our allies from serious organized crime – whatever its form and wherever it comes from.”
The UK’s National Cyber Security Center (NCSC) said it has determined key members of ransomware groups associated with the sanctioned individuals are likely to have links to Russian intelligence and have taken actions targeting certain organizations that aligned with the objectives of the Russian state.
“We are targeting cybercriminals who have been involved in some of the most prolific and damaging forms of ransomware,” Security Minister Tom Tugendhat said.
“Ransomware criminals have hit hospitals and schools, hurting many and disrupting lives, at great cost to taxpayers.
“Cybercrime knows no borders and threatens our national security. These sanctions identify and expose those responsible.”
NCSC chief executive Lindy Cameron previously called ransomware the number one cyber threat facing the UK, and she reiterated that warning when urging businesses to take action to avoid being attacked.
“Ransomware is the most acute cyber threat facing the UK, and attacks by criminal groups show just how devastating its impact can be,” she said.
“The NCSC works with partners to counter ransomware attacks and those responsible, prevent incidents and increase our collective resilience.
“It is vital that organizations take immediate action to mitigate their risks by following NCSC advice on how to put in place robust defense mechanisms to protect their networks.”