ITP Techblog

European leaders are now more worried about ransomware attacks than online espionage, with NATO today signing a new cybersecurity pact to try and stem the flood of attacks.

North Atlantic Treaty Organisation leaders just concluded a conference in Brussels on the back of the UK-hosted G7 Summit and while tensions with Russia and the threats associated with climate change were on the agenda, cybersecurity was also a focus. New Zealand is not a member of NATO. But many of the Ransomware attacks levelled at New Zealand organisations are coming from the same cybercrime groups that are targeting NATO member nations too, so elevated efforts to deal with cybercrime will benefit us too.

The NATO members signed off on a confidential cybersecurity defence strategy that would allow member nations to invoke NATO's Article 5 principle on cybercrimes. That allows for a collective response across member nations to an attack. It was invoked within 24 hours of the September 11 terrorist attacks on the US in 2001. But it has largely been reserved for physical threats to a member state to date.

Upgrading the status of cybersecurity means NATO countries will be obliged to come to the assistance of a fellow member when Article 5 is invoked to deal with a major cyber attack. The move comes as the UK's National Cyber Security Centre chief, Lindy Cameron, says ransomware attacks now pose more of a threat than online spying and efforts to steal intellectual property. 

"Far more worrying is the cumulative effect of a failure to manage cyber risk and the failure to take the threat of cyber criminality seriously," she said in a speech yesterday. 

"For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cybercriminals."

Firewall maker SonicWall says it detected 305 million ransomware attempts in 2020, up 60 per cent on the previous year and far outpacing cryptojacking and IoT malware attacks.

The elevated concern over ransomware attacks comes after a spate of attacks that have hit high profile targets around the world, including the Waikato District Health Board here. As RNZ reported today, the Waikato DHB attack, which has taken key hospital IT systems offline for over three weeks, has raised concerns about our fragmented approach to cybersecurity.

"It's one thing to say to somebody, you've got to go to the police for this and you've got to get the DIA for that, you've got to go to Netsafe for this," Netsafe CEO Martin Cocker told RNZ. 

"But if your one cybercrime incident involves all of those things, you're really asking the person who is dealing with the fact they're a victim of a cybercrime to then also take on the responsibility to organise their whole response plan and connect with those agencies themselves."