The UK government has been criticized by a parliamentary committee for its inadequate response to the threat of ransomware, accused of adopting an “ostrich strategy” by ignoring warnings of a significant cyber threat.
This comes after the government’s formal rejection of key recommendations from the Joint Committee on the National Security Strategy (JCNSS), which included removing the Home Office’s responsibility for tackling ransomware.
Despite being the third most cyber-attacked country globally, the government’s stance has been deemed insufficient in preparing for or understanding the extent of cyberattacks.
“We found that the Home Office’s public output on cyber security and ransomware has been almost nonexistent, and has been dwarfed by its focus on small boats and illegal migration,” the JCNSS accused.
The JCNSS highlights the government’s lack of long-term planning and preparation, risking severe economic and national security repercussions from potential ransomware attacks.
The committee’s chair, Dame Margaret Beckett MP, criticized the government for relying on outdated legislation and departments that show little interest in addressing the issue, leaving the UK vulnerable and unprepared for future cyber threats:
“In the likely event of a massive, catastrophic ransomware attack, the failure to rise to meet this challenge will rightly be seen as an inexcusable strategic failure” Margaret stated.
The government’s failure to adequately address these concerns has led the committee toward new solutions:
“The NCSC should be funded to establish an enhanced and dedicated local authority cyber resilience programme, including intensive support for local exercising and on securing council supply chains,” wrote the committee.
With little faith left in the government’s ability to handle the monumental task of protecting the country from cyberthreats, the JCNSS will continue to investigate the government’s lack of action and rejection of crucial cybersecurity recommendations while pursuing other tactics for safeguarding the country against societal damage caused by cyber attackers.