British Cyber Security Agency Issues An Alert

The British government's National Cyber Security Centre (NCSC) warned on 19th April of an emerging threat to Western critical national infrastructure posed by hackers sympathetic to Russia and its war on Ukraine. Although such groups are ideologically motivated and align themselves with Russian state interests, they are "not subject to formal state control," the alert said.

Now, a government minister has warned that Russia-aligned hackers are seeking to "disrupt or destroy" Britain's critical infrastructure.

The groups have started to focus on the UK in recent months, Cabinet Office Minister, Oliver Dowden says. These groups are ideologically motivated and not formally controlled by the Russian government, making them less predictable, according to the NCSC's alert.

Russia-aligned "hacktivists" have carried out a largely harmless online campaigns that have defaced prominent public websites or knocked them offline. However, some of those groups have been actively plotting ways to do more real-world damage, according to the NCSC. 

"Some have stated a desire to achieve a more disruptive and destructive impact against western critical national infrastructure, including in the UK... We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected," said the NCSC alert, which was released during a two-day security conference hosted by the NCSC and GCHQ in Belfast.

A successful cyber attack on critical national infrastructure such as an energy grid or water supply could be highly destructive and do serious real-world damage.

Gavin Millard, Deputy Chief Technology of leading cyber security firm Tenable observed that "Threats from state based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue... With an aging infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide ranging impacts to the population and economy."

In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 per cent drop in the number of ransomware attempts. It attributed this to several factors, including a “downward” trend in the number of organisations willing to pay cyber criminals. “With roughly two thirds of state-sponsored cyber attacks coming from Russia, and 75% of money generated by ransomware in 2021 going to groups “highly likely to be affiliated with Russia,” anything affecting that country has an outsized effect on cybercriminals, and in turn, cybercrime,” says the SonicWall Report.

Meanwhile, there has been increased government and law-enforcement focus on taking down ransomware criminals and the apparatus they use to support their business. This crackdown has come in the wake of several debilitating attacks on high-profile targets, such as the Colonial Pipeline attack in 2021.

John Fitzpatrick, CTO at cyber security services firm Jumpsec said “The specific threat that Oliver Dowden spoke of is somewhat different, these are groups sympathetic to Russia but not necessarily state-sponsored or sanctioned groups. Their capability is not to the level we typically associate with the Russian threat, and it is far less predictable... For those investing heavily in cyber resilience, this really should not change a lot, but the likelihood of Denial of Service (DoS) and other "low bar to entry" type attacks will, no doubt, increase and so it may be sensible for some organisation to validate their plans in those areas in light of this warning."

Russia’s invasion of Ukraine has also had some unexpected effects - many Russian based hackers have turned their attention to attacks related to the conflict, rather than ransomware, or have had their operations disrupted by sanctions against Russia.

SonicWall:        NBC:     Reuters:     FT:     BBC:   Cyprus Mail:     UPI

You Might Also Read: 

NCSC Alert: British Journalists & Politicians Are Hacking Targets:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

 


 

« Sharing Threat Intelligence
An Increasingly Diverse Attack Landscape »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

HackLabs

HackLabs

HackLabs is a penetration testing company providing services for network security, web application security and social engineering testing.

Schneider Electric

Schneider Electric

Schneider Electric develops connected technologies and solutions to manage energy and process in ways that are safe, reliable and sustainable.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

Cymbel

Cymbel

Cymbel provides businesses and government agencies with the tools and expertise they need to manage the most complex security and compliance challenges.

SecureBrain

SecureBrain

SecureBrain software and services help protect against Japanese-specific cybercrime and global internet security threats such as online fraud, phishing, drive-by downloads and malware attacks.

Proteus

Proteus

Proteus is an Information Security consulting firm specialized in Risk Analysis and Executive Control.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications provides critical, tactical capabilities that inform decision making in the most challenging environments.

Drip7

Drip7

Drip7 is a micro-learning platform that is re-inventing the way companies train their employees and build lasting cultural change around the importance of cybersecurity.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Surfshark

Surfshark

Surfshark is a cybersecurity company focused on developing humanized privacy & security protection solutions to secure people's digital lives.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Mondoo

Mondoo

Mondoo is a powerful security, compliance, and asset inventory tool that helps businesses identify vulnerabilities, track lost assets, and ensure policy compliance across their entire infrastructure.

Ipseity Security

Ipseity Security

Ipseity Security provide security-centric advisory and consulting services for organizations to secure their perimeter-less digital transformation to meet business and security requirements.