A study by the Royal United Services Institute (RUSI) think-tank and cyber specialists at BAE Systems warned that ransomware use is “spiraling out of control”, with Britain suffering the second-highest number of “double extortion” attacks after the US.

The research produced by RUSI  highlights how ransomware attacks continue to have a significant impact on businesses and organizations across the globe, resulting in high levels of cost and disruption.

Ransomware attacks involve cybercriminals encrypting data systems and demanding a fee to unfreeze them. These types of attacks have surged during the Covid-19 pandemic, as virtual work environments have expanded threat surfaces, amplifying attack vectors while highlighting the vulnerabilities of cyber defenses of corporate networks.

Travelex, the London-based currency exchange business that does business in 26 countries (including the U.S.), was a high-profile victim of this type of attack in December 2019, when hackers demanded a ransom to prevent the publication of sensitive customer data, including credit card details. Travelex paid a ransomware gang $2.3 million to regain access to its data following this attack on New Year's Eve, the Wall Street Journal reports. The incident crippled the company's customer services for weeks. The subsequent disruption, combined with the effect of coronavirus, cost Travelex around £25m (nearly 35m USD) in terms of profits. 

Lindy Cameron, chief executive of Britain’s National Cyber Security Centre, a branch of GCHQ, warned in her first public speech last week that ransomware was a “serious and growing threat” in scale and severity. The risk is not just the theft of money or data from individual businesses, but also the loss of “key services”, Cameron said.