The heist: nobody is safe from Russia’s digital pirates

In April, the Harris network of London schools was held to ransom by hackers. ‘The first thing I did was panic,’ said Sir Dan Moynihan, the chief executive. It wasn’t simply that their computers didn’t work; many of the 50 schools couldn’t function. Some couldn’t open because their internet-controlled doors were jammed shut.

A demand for £3 million arrived. Moynihan pointed out this was a ‘completely insane’ amount for an educational charity to pay — but his pleas through an intermediary were ignored. The hackers insisted that unless Harris paid up, the schools would continue to be locked out of their networks, and sensitive data would be leaked online too.

Harris had fallen victim to ‘ransom-ware’ criminals, today’s version of highway robbers. Schools and charities, businesses, individuals and government — anyone with a computer network is vulnerable. It has become a pressing issue throughout the West.

Ransomware attacks were discussed at the G7 summit in June and a call to action was included in the summit’s communiqué. President Joe Biden recently spoke about the growing crisis to staff at the Office of the Director of National Intelligence. His remark that ‘if we end up in…a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence’ betrays a lack of understanding of how cyber escalation happens. But his administration is clearly very worried about the consequences of ransomware.

Most attacks happen in roughly the same way. First the hacker gets into a network, often through ‘phishing’: sending an email that someone opens. Sometimes the technique is more sophisticated, with a cleverly targeted message appearing to come from a colleague. Malicious software is then implanted, designed to lock the users out of the system, and perhaps to steal data.

The next step is the ransom note, often in Google translation-quality English, demanding payment in cryptocurrency.