Speaking to the hushed throngs at her inaugural keynote address as the leader of the UK intelligence agency Anne Keast-Butler expressed her agency's growing alarm over the strengthening ties between Russian intelligence and proxy hacker groups, which have historically thrived in Russia's lenient environment.

"Previously, Russia merely provided the conditions conducive for these groups' operations, but now they are actively fostering and encouraging these non-state cyber actors," she stated at the Cyber UK conference, labelling it a "globally pervasive" menace.

The intelligence chief, who became the first woman to assume this position last year, pointed to ransomware as "the most acute and pervasive cyber threat." In such attacks, cybercriminals, often from Russia, seize control of a company's data and systems, demanding substantial payments for their release.

Keast-Butler affirmed that GCHQ is fully committed to combating ransomware perpetrators, undermining their capacity to target government and business infrastructures, and ensuring those involved are held accountable. She emphasised that cybercriminals would find no refuge.

Recently, the UK's National Crime Agency exposed Dmitry Khoroshev, a Russian national, as the head of the LockBit ransomware group. LockBit's tools have been implicated in over 7,000 attacks from June 2022 to February 2024 across the US, UK, France, Germany, China, and other locations.

The National Cyber Security Centre (NCSC), GCHQ's outward-facing internet security division, released a guide in collaboration with three insurance industry bodies, aiming to dissuade businesses from funding Russian and other hackers by paying ransoms.

While paying ransoms to cybercriminals isn't typically illegal—unless the hackers are recognised as a terrorist group—firms often discreetly pay in cryptocurrency, sometimes through insurance, hoping for a swift resolution to the attacks.