The UK will work with international partners to dismantle the cyber criminal ecosystem: UK statement at the UN Security Council
Statement by Ambassador James Kariuki, UK Deputy Permanent Representative to the UN, at the UN Security Council meeting on threats posed by ransomware attacks.
Earlier this year in the General Assembly open-ended working group on information communication technologies, all states recognised that ransomware attacks “may have an impact on international peace and security.”
Ransomware actors have consistently attacked critical national infrastructure, local government, and hospitals for personal financial gain.
Most groups exist in jurisdictions that allow them to operate with impunity. We call on these states to do more to tackle the criminal gangs based in or making use of their territory.
The UK, like many here today, continues to be a victim of ransomware incidents. Our National Health Service was affected by the Wannacry ransomware strain in 2017, which cost $118 million to recover from. Money that could have been spent on saving lives.
This year a critical supplier to London hospitals was affected by a ransomware incident, which postponed over 10,000 health appointments and over 1,700 medical procedures.
This disruption is replicated across our critical sectors, it is why the UK considers ransomware one of our most significant cyber threats to national security.
To counter this, the UK is working to break the ransomware business and discourage victims from paying these criminals. Alongside international partners, the UK has issued 36 sanctions against actors involved in these types of activities.
But we need a global response to this global threat.
First, we urge others to join the UK Government in not paying ransoms. In October, the UK and 49 other members of the Counter Ransomware Initiative signed a public statement committing governments not to not pay ransoms.
Second, coordination will be our best defence. Recently, UK law enforcement led a coalition of global law enforcement agencies to disrupt the Lockbit ransomware group, the most prolific ransomware group of 2024.
And third, we must increase resilience to these attacks, by sharing information to illuminate the threats and build our collective understanding.
We will continue to cooperate with international partners and industry to counter ransomware and dismantle the cyber criminal ecosystem.