MoD looks to bolster cyber defences as ransomware attacks rise

The announcement comes a day after the National Cyber Security Centre (NCSC) warned about rising ransomware attacks against the UK government and businesses.

The Defence Science and Technology Laboratory (Dstl), which is a part of the MOD, said it plans to invest £6bn in R&D spending over the next four years in order to sustain its “strategic advantage”.

The 300 positions will be advertised this summer with more coming in 2022 and include roles in cyber security, electronics, data and AI.

It is understood the roles will include a focus on the threats of the future such as increased hostility and aggression from Russia and China’s technological advancements as well as the dangers posed by organised crime and terrorist groups and cyber hackers.

The recruitment drive is the biggest in Dstl’s 20-year history and reflects the Government’s stated ambition to make the UK a “science and tech superpower” by 2030, with the ability to “monitor, protect and defend” the country’s interests.

The minister for defence procurement Jeremy Quin said: “Our over £6bn investment into research and development is central to the evolution of defence and security.

“This will ensure MOD science and technology programmes upgrade and adapt our forces to meet a range of future threats.

“The Dstl recruitment campaign paves the way for the next generation of highly-skilled scientists to work on sophisticated projects designing and engineering pioneering military equipment.”

At a lecture yesterday, Lindy Cameron, the head of the National Cyber Security Centre (NCSC), warned about the increasing trend of ransomware attacks across the UK.

Ransomware is a form of cyber attack that locks files and data on a user’s computer and demands payment in order for them to be released back to the owner. The high-profile WannaCry attack on NHS computers in 2017 was so serious that it put patient care in danger.

“Ransomware has historically been the preserve of high-end cyber-crime groups with access to advanced technical skills and capabilities based in overseas jurisdictions who turn a blind eye, or otherwise fail to act, or fail to pursue these groups,” Cameron warned.

“But the ecosystem is evolving through what we call Ransomware as a Service (RaaS), and the as-a-service business model, where ransomware variants and commodity listings such as listed credentials, are available off the shelf for a one-off payment or a share of the profits.

“We know there are campaigns to recruit new affiliates and as a result users can buy from developers without the costs and risks of developing it themselves.

“And that enables less experienced actors to acquire tools to conduct their own ransomware attacks.

“As the business model has become more and more successful, with these groups securing significant ransom payments from large profitable businesses who cannot afford to lose their data to encryption or to suffer the downtime while their services are offline, the market for ransomware has become increasingly professional.”

Last month, a cyber-attack on a vital US pipeline by a criminal group known as DarkSide caused oil prices to spike in the country.