British Cyber Security Agency Issues An Alert

Uploaded on 2023-04-19 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

The British government's National Cyber Security Centre (NCSC) warned on 19th April of an emerging threat to Western critical national infrastructure posed by hackers sympathetic to Russia and its war on Ukraine. Although such groups are ideologically motivated and align themselves with Russian state interests, they are "not subject to formal state control," the alert said.

Now, a government minister has warned that Russia-aligned hackers are seeking to "disrupt or destroy" Britain's critical infrastructure.

The groups have started to focus on the UK in recent months, Cabinet Office Minister, Oliver Dowden says. These groups are ideologically motivated and not formally controlled by the Russian government, making them less predictable, according to the NCSC's alert.

Russia-aligned "hacktivists" have carried out a largely harmless online campaigns that have defaced prominent public websites or knocked them offline. However, some of those groups have been actively plotting ways to do more real-world damage, according to the NCSC. 

"Some have stated a desire to achieve a more disruptive and destructive impact against western critical national infrastructure, including in the UK... We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected," said the NCSC alert, which was released during a two-day security conference hosted by the NCSC and GCHQ in Belfast.

A successful cyber attack on critical national infrastructure such as an energy grid or water supply could be highly destructive and do serious real-world damage.

Gavin Millard, Deputy Chief Technology of leading cyber security firm Tenable observed that "Threats from state based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue... With an aging infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide ranging impacts to the population and economy."

In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 per cent drop in the number of ransomware attempts. It attributed this to several factors, including a “downward” trend in the number of organisations willing to pay cyber criminals. “With roughly two thirds of state-sponsored cyber attacks coming from Russia, and 75% of money generated by ransomware in 2021 going to groups “highly likely to be affiliated with Russia,” anything affecting that country has an outsized effect on cybercriminals, and in turn, cybercrime,” says the SonicWall Report.

Meanwhile, there has been increased government and law-enforcement focus on taking down ransomware criminals and the apparatus they use to support their business. This crackdown has come in the wake of several debilitating attacks on high-profile targets, such as the Colonial Pipeline attack in 2021.

John Fitzpatrick, CTO at cyber security services firm Jumpsec said “The specific threat that Oliver Dowden spoke of is somewhat different, these are groups sympathetic to Russia but not necessarily state-sponsored or sanctioned groups. Their capability is not to the level we typically associate with the Russian threat, and it is far less predictable... For those investing heavily in cyber resilience, this really should not change a lot, but the likelihood of Denial of Service (DoS) and other "low bar to entry" type attacks will, no doubt, increase and so it may be sensible for some organisation to validate their plans in those areas in light of this warning."

Russia’s invasion of Ukraine has also had some unexpected effects - many Russian based hackers have turned their attention to attacks related to the conflict, rather than ransomware, or have had their operations disrupted by sanctions against Russia.

SonicWall:        NBC:     Reuters:     FT:     BBC:   Cyprus Mail:     UPI

You Might Also Read: 

NCSC Alert: British Journalists & Politicians Are Hacking Targets:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

 


 

« Sharing Threat Intelligence
An Increasingly Diverse Attack Landscape »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Frazer-Nash Consultancy

Frazer-Nash Consultancy

Frazer-Nash is a leading engineering, systems and technology company. Areas of expertise include information security and cyber security.

Infosecurity Europe

Infosecurity Europe

Infosecurity Europe is Europe’s number one information security conference and exhibition.

iXsystems

iXsystems

iXsystems is a leader in Open-Source enterprise server and storage solutions including Backup & Recovery to protect critical data.

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

CMMI Institute

CMMI Institute

CMMI Institute enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, data management and cybersecurity.

Fasken

Fasken

Fasken is one of the largest business law firms in Canada and a recognized leader in privacy and cybersecurity law.

Foundries.io

Foundries.io

Foundries.io have built a secure, open source platform for the world's connected devices, and a cloud service to configure this to any hardware and any cloud.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Tactic Labs

Tactic Labs

Tactic Labs (part of the Avnon Group) delivers a holistic Cyber-Security Management Platform which provides military-grade protection, safeguarding critical infrastructures and mission-critical data.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

Cybertech Nepal

Cybertech Nepal

Cybertech Nepal is committed to provide high-quality cyber security solutions, including server assessment and hardening, forensics and malware analysis, end-point threat analysis, and VAPT.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

CLEAR

CLEAR

With more than 17 million members and a growing network of partners across the world, CLEAR's identity platform is transforming the way people live, work, and travel.

Emircom

Emircom

Emircom is one of the Middle East's leading independent providers of IT infrastructure services, helping clients to drive growth and deliver measurable outcomes.