Cyber Attack On Britain’s Defence Academy

Uploaded on 2022-01-03 in GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Hackers

A cyber attack on Britain's national Defence Academy, possibly by Russia or China, has caused “significant” damage, says a retired high-ranking officer. 

Air Marshal Edward Stringer, who retired in August, said the attack which was first discovered in March 2021 and meant the Defence Academy was required to rebuild its network. 

The targeting of an academic institution is an indication of how the frontline in modern warfare can be anywhere, the former director general of the academy told Sky News.He did not know if criminals or a hostile state, like China, Russia, Iran or North Korea, were responsible, but the damage has yet to be fully rectified nine months later

Stringer said the attack, was first detected March 2021, meant the Defence Academy was forced to rebuild its network. Stringer did not know if criminals or a hostile state, such as China, Russia, Iran or North Korea, were responsible but the damage has yet to be fully rectified. “It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack that was just, you know, a genuine criminal organisation... There were costs to … operational output. There were opportunity costs in what our staff could have been doing when they were having to repair this damage." he said. 

News of this event appears alongside disclosure of a similar damaging attack on Belgian defence networks. 

It is the first time a senior officer has spoken on the record about the cyber attack and its impact on the academy, which is based in Shrivenham, Oxfordshire, and teaches thousands of British and overseas military officers every year. The school teaches 28,000 military personnel, diplomats and civil servants a year and moved more online during the pandemic.

Stringer the attack was not successful and while the hackers may have been using the academy as a “backdoor” to other Ministry of Defence systems, there were no breaches beyond the school.

Air Marshall Stringer was also director general of joint force development and led British military thinking about how it would adapt to the future of warfare, said the attack fell within a so-called grey zone of harm, which falls below the threshold of war

The National Cyber Security Centre, a branch of GCHQ, was also made aware of the hack and a British Defence Ministry official said: “In March 2021 we were made aware of an incident impacting the Defence Academy IT infrastructure. We took swift action and there was no impact on the wider Ministry of Defence IT network. Teaching at the Defence Academy has continued.”

GBNews:        Sky:         Independent:      Leicester Mercury:       Enfield Independent:      Guardian

You Might Also Read:

British Military Aim To Reduce Their Attack Surface:

 

« Malicious Joker App Gets Half A Million Downloads
NSO Spyware Used To Hack Political Leaders In Poland »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Pen Test Partners LLP

Pen Test Partners LLP

Pen Test Partners provides penetration testing, security assessment and training services.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

DCIT

DCIT

DCIT is a specialist in providing comprehensive consulting and auditing services in the field of information technology, PROVYS development software and security system AuditSquare.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Blancco Technology Group

Blancco Technology Group

Blancco Technology Group is a leading global provider of mobile device diagnostics and secure data erasure solutions.

RHEA Group

RHEA Group

RHEA Group offers aerospace and security engineering services and solutions, system development, and technologies including cyber security.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

Cheops Technology

Cheops Technology

Cheops is a specialist in IT Business Technology Services. We help SMEs and large companies build, optimize and manage their IT so they can focus on their core business.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

Dev Information Technology (DEV IT)

Dev Information Technology (DEV IT)

DEV IT is a leading IT solutions and services company. We deliver digital transformation and end-to-end IT services, from advisory to execution.

Intersys

Intersys

Intersys provides cyber-resilient IT support and services from IT offices in London, Essex and Cambridge.