020 7792 5649

Buy & sell cryptocurrency with SelachiiLearn more
Hi, How Can We Help You?

Beware the rise of ransomware

Few will have missed the headlines following the recent hacking attack on the National Health Service.  The attacks have recently been linked to the Lazarus Group; a team of hackers many believe are tied to the North Korean administration.

The UK’s National Cyber Security Centre (NCSC) has reportedly led a detailed investigation into the WannaCry malware which infected the NHS and other high profile organisations across the world in May.  Meanwhile in the US the NCSC’s counterpart the National Security Agency (NSA) has also suggested links between Lazarus and their WannaCry bug and North Korea although the NSA added their belief is very much that no one else was involved.

The code has now been reverse-engineered by a number of private contractors but one of those companies, SecureWorks, has agreed the finger definitely points towards North Korea.  According to SecureWorks, early versions of WannaCry shared code with another piece of malware, Brambul; the use of Brambul is thought to be unique to the North Korean threat group Nickel Academy who are also known as the Lazarus group.

However somewhat worryingly SecureWork also reported they didn’t believe the Lazarus Group had any particular target in mind other than causing the maximum disruption and that unlike other activists – for example Russia’s APT28/Fancy Bear - the Lazarus Group are closely linked to cybercrime.  Before cybercrime in its current form became commonplace, their wider network had been accused of forging currency.  It is now feared their recent ransomware activities may be geared up to do nothing more than raising extortion fees as victims fight to minimise the damage caused by their frightening fast-moving malware.

More recently in unrelated attacks in mid-June, University College London and Ulster University battled to restore their systems after ransomware attacks. 

Mindful of the all too recent WannaCry attacks on the NHS, teams at both UCL and Ulster acted immediately, blocking access to shared and network drives across both universities to stop the effects spreading.  Even though both institutions have now resumed full capacity, they are urging all users to remain vigilant and UCL in particular has not ruled out the suggestion the attacks were launched to underpin a wide scale phishing exercise.

Since the attacks both universities have stated they feel they were the victim of ransomware designed to take full advantage of ‘zero-day vulnerability’.  Experts however are neither willing to confirm nor deny that the attacks were perpetrated by the same criminals or even used the same ransomware.

While there is no question these attacks weren’t linked in any way, they do demonstrate just how sophisticated and how increasingly prevalent ransomware attacks are getting.  Unfortunately our belief is this is a trend that is only set to continue to increase.

So what should you do if you suddenly find yourself locked out of your files and facing a ransom note that tells you the only way to unencrypt your files is to pay a certain party a certain amount of money?  We’d suggest the first thing to do would be to email us at This email address is being protected from spambots. You need JavaScript enabled to view it. or call us on 020 7792 5649. 

As solicitors who specialise in all forms of digital cybercrime, a list that includes not only ransomware disputes but bitcoin and cryptocurrency scams, fake bitcoin mining services and fraudulent ICOs.

We have all of the experience you will need to navigate the ransom process, to minimise the effects the lock-down inflicts on your business and to save you the time and expense of trying to get your systems up and running again without access to the keys the criminals used to freeze you out of your files. 

Get legal advice

Complete the form below and we will be in touch to arrange a consultation.

Invalid Input
Invalid Input
Invalid Input
Invalid Input
Invalid Input
lrs logo 2016MLA 2017 18 Shortlisted 2

Want Selachii’s help?

Call us now

020 7792 5649

arrange a consultation

Accreditations

MLA 2017 18 Shortlisted 2