Cyber criminals could steal people's most personal information and hold them to ransom, warn UK cyber chiefs

The joint report from the National Cyber Security Centre and the National Crime Agency makes for chilling reading for anyone with a TV, fitness tracker or smartphone

Andrew Griffin
Tuesday 14 March 2017 01:38 GMT
Dr Ian Levy shows the Queen and the Duke of Edinburgh a robot vacuum cleaner which could be vulnerable to cyber attack
Dr Ian Levy shows the Queen and the Duke of Edinburgh a robot vacuum cleaner which could be vulnerable to cyber attack (Dominic Lipinski - WPA Pool/Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The various pieces of technology that are in our lives could hand over our most personal information to hackers, the UK's most elite cyber security chiefs have warned.

Smart phones, watches, televisions, and fitness trackers all collect information on their users that could be used to extort money from people or pose as them.

An increasing amount of internet-connected deivces around the home allow hackers far more power to use "aggressive" and "confrontational" tactics, according to a new report from the Cyber Security Centre (NCSC) and the National Crime Agency (NCA).

It highlights the huge amount of personal information that those gadgets contain. Each of them has data including people's photos, personal messages and fitness information – which could be turned on their owners, according to the experts.

And it comes just days after WikiLeaks warned that phones and smart TVs could be used by the CIA and other agencies to spy on their owners.

The study forecasts that this year it is likely that "ransomware" will target connected devices containing data such as photos, emails and even fitness progress information.

"This data may not be inherently valuable, and might not be sold on criminal forums but the device and data will be sufficiently valuable to the victim that they will be willing to pay for it," the assessment says.

"Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom."

A surge in the number and variety of internet-ready products has sparked a string of security warnings.

There have even been suggestions that baby monitors and pacemakers could be vulnerable to hacking.

Analysts have forecast that by 2020 there will be as many as 21 billion connected devices used by businesses and consumers around the world.

The NCSC and NCA's 2016/17 report on the cyber threat to UK business says: "The rise of internet connected devices gives attackers more opportunity."

The paper notes that smart devices are still "inherently more difficult" to attack than traditional computers, saying that incidents may initially be limited to users who download apps from third-party app stores.

Ministers launched the NCSC, which is part of GCHQ, amid mounting concern over the potential danger to Britain's industry and infrastructure from online attacks.

The new report says the cyber threat to UK business is "significant and growing".

In three months after the centre was created, there were 188 "high-level" attacks as well as "countless" lower-level incidents.

The danger is "varied and adaptable", ranging from high-volume, opportunistic attacks to "highly sophisticated" and persistent threats.

The last year "has been punctuated by cyber attacks on a scale and boldness not seen before", the report says, pointing to a string of incidents including the targeting of the US Democratic Party and Bangladesh Bank.

Ciaran Martin, chief executive of the NCSC, said: "Cyber attacks will continue to evolve, which is why the public and private sectors must continue to work at pace to deliver real-world outcomes and ground-breaking innovation to reduce the threat to critical services and to deter would-be attackers."

The report will be published on Tuesday as the NCSC hosts a major conference on cyber security in Liverpool.

It also says that there is no clear understanding of the true scale and cost of cyber attacks to the UK as it is under-reported.

Donald Toon, director for economic and cyber crime at the NCA, said: "Businesses reporting cyber crime is essential if we are to fully understand the threat, and take the most effective action against it."

It comes days after it was revealed that GCHQ has warned political parties of the the threat posed to democracy by Russian hackers.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in