UK follows U.S. footprints to hack cybercriminal entities

In an endless fight to counterattack ransomware threats, the United Kingdom has shown intentions of developing a cyber command team to “hunt” and infiltrate cybercriminal groups, according to high-level government officials.

The director of Britain’s signals intelligence agency (GCHQ), Jeremy Fleming, elaborated on the country’s plans at this year’s US Cipher Brief threat conference on Monday.

Fleming went forth and revealed that the UK endured a remarkable augmentation in cybercrimes, a situation that paved the way for the government to take additional procedures to combat any future threats to the country’s security infrastructure by implementing severe offensive operations.

Similar actions typically include governmental authorities employing their own procedures aimed at disabling servers controlled by cybercriminal groups, according to the Financial Times. 

Britain’s National Cyber Force, the country’s most recent cohesive command established last year, would be the main entity in charge of such counterattacks.

During the conference, Fleming implied that global authorities should proceed with additional measures to prevent any future breaches since they have failed to levy costs on underworld operators.

“The reason it [ransomware] is proliferating is because it works … criminals are making very good money from it and are often feeling that [it’s] largely uncontested,” Flemings stated throughout the conference.

“I’m pretty clear from an international law perspective and certainly from our domestic law perspective you can go after [criminal actors],” he added. 

The UK’s latest revelation to “hack the hackers” might not come as a shocker, as it came as a follow-up to Reuters’ report uncovering that the U.S. had initiated its operation to counter offend any potential attack led by the cybercriminal gang, REvil.

The FBI, alongside international partners, led a cybersecurity operation to infiltrate the group’s servers after it inexplicably vanished from the web in July, following its colossal breach on software company, Kesaya.

Throughout the cybercriminals’ disappearance phase, speculations circulating REvil’s state were vague, with some contemplating that the gang deliberately terminated its cybercrimes operations.

However, Reuters’ report uncovered that the gang was hacked by law enforcement operations targeting its network’s infrastructure.

At the time, U.S. law enforcement and intelligent cybersecurity experts succeeded in compromising the hackers’ network infrastructure signaling authorities’ first major federal operation victory to counteract ransomware activities.

The union between the UK and the U.S. paved the way for modernized tactics to fight cybercrimes. An alliance uniting global governmental powers to explicitly go after a ransomware attack and any group affiliated with these operations.

“There have been reports about such operations earlier,” DFIR Lab deputy head with cybersecurity firm Group-IB, Oleg Skulkin, informed Gizmodo in an e-mail.

“Last year, the U.S. Cyber Command carried out an operation in parallel with private sector players to take down the infamous TrickBot botnet ahead of the Election Day to prevent it from being used to launch an attack on IT systems supporting the election process,” Skulkin added.

From another stance, Senior Security Architect with Recorded Future, Allan Liska, informed Gizmodo that the FBI’s state-of-the-art operational attacks on REvil’s servers marked the country’s most prominent step towards fighting cybercrime strategies.

It is still unclear which path the U.S. and UK will take to empower and heighten their strategic operations to fight ransomware threats, but the ever-growing national security risks from both China and Russia have pushed both countries to adopt stricter methodologies to face the rising ripple of cyberattacks.