The UK's Government Communications Headquarters (GCHQ) boss Sir Jeremy Fleming has outlined a plan to pursue criminal actors who deploy ransomware as well as the state actors that are aware of their efforts.
Speaking remotely to The Cipher Brief Annual Threat Conference on Monday, Fleming discussed the increasing threat of cybercrime – in particular ransomware – and GCHQ's strategy to reduce threats.
"We have to be clear on the red lines and behaviours that we want to see. We've got to go after those links between criminal actors and state actors and impose costs," Fleming argued, in order to make ransomware and other cybercrime less profitable.
Fleming revealed that GCHQ is not afraid to go on the offensive in pursuit of that goal, but added "we're quite a long way off really addressing the profit model which is making this just so easy for criminals to exploit at the moment."
In wide-ranging remarks, Fleming described the current geopolitical situation as offering what he called a "moment of reckoning" that represents a chance for "like-minded Western liberal nations to make sure that the technologies on which we all rely encompass our values, are secured by design, have been subject to the standards and regulations that we approve of, because we think that they do promote our prosperity and our values."
Expressing those values is important, because tech like AI will create big change.
"If you think that the changes we've seen from coronavirus are significant wait till you see the way in which machine learning and AI are going to affect our labour markets," Fleming explained, adding that any approach to AI needs to include an understanding that China and other countries are doing well in the development of AI capabilities.
"We're faced with a set of adversaries now that invested very heavily in their own research, have made major investments in skills, have procured capabilities in a perfectly legitimate way globally and have won the trade battle because the products have been pretty good."
Fleming said the pace of change had changed too.
"Sorting that out isn't anymore the preserve of spy agencies or niche security organisations – it's a genuine public, private and international partnership and getting that right is probably the single most important thing we could do."
Fleming also said some responsibility for coping in this time of change falls on individuals and organisations.
After discussing GCHQ's ransomware response, he said "it's not rocket science to defend against this sort of stuff."
"We know that if you do fairly basic cyber security, if you are really clear at an organisational level about things that you need to protect, and if you are very diligent in implementing the guidance of your cyber security professionals and your technology partners, then you're going to protect yourselves or at least make you harder than competitors and therefore you won’t be as much of a target.
"It's a really boring lesson we hack on about a lot in the UK."