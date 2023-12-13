The UK government is at risk of a "catastrophic ransomware attack" that can potentially bring the country to a "standstill," warned a new parliamentary committee report.

"A major ransomware attack could have a devastating impact on UK citizens and the economy, and undoubtedly represents a major threat to UK national security," the report said. "It would also shine a spotlight on the inadequacy of the Government's efforts to secure the UK against ransomware, and to prepare for the aftermath of a major cyberattack."

A report by the Office for Budget Responsibility (OBR) last year revealed that a major cyberattack or ransomware attack on the UK government could lead to a loss of 1.6% of Gross Domestic Product (GDP) to the country's economy.

A key reason for increasing cyber vulnerability is that the government infrastructure is being run on outdated systems, said the Joint Committee on the National Security Strategy (JCNSS). While the report acknowledged the efforts made by the National Cyber Security Center (NCSC) to improve the country's cyber resilience, the UK government's digital infrastructure continues to remain vulnerable, especially in areas where it has made inadequate investments to upgrade legacy systems.

"Supply chains are also particularly vulnerable and have been described by the NCA as the 'soft underbelly' of CNI [Critical National Infrastructure]. With different CNI operators sharing the same supplier, a single attack could also affect multiple sectors at once, with damaging and widespread consequences," the report said.

The report recommended improved support by the UK government to support the local government and authorities. The NCSC should be adequately funded so it can establish a dedicated local authority cyber resilience program to ensure securing council supply chains, it recommended.