Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks

Former GCHQ chief Robert Hannigan has warned that the emergence of a commodity marketplace for hacking has changed and escalated the threat.

Crooks have solved the skills shortage problem by creating a gig economy and creating "more impressive" and capable tools. Hannigan made the comments during a keynote speech Weaponising the web: Nation-state hacking and what it means for enterprise cybersecurity at the Infosec 2018 conference in London.

During a wide-ranging presentation, the former cyber spy boss said that the problem posed by nation state attackers had increased over the last five years and become an issue for enterprises as well as governments. 

"Nation state attacks using criminal group as a proxy" is a "fairly new issue" and one of the issues along with the commoditisation of hacking tools that makes international geo-politics a feature of corporate security.
Nation states behave in cyberspace in the same way as the real world, Hannigan explained.

North Korea (a centre for counterfeiting) is attacking banks that are on the SWIFT network, as well as crypto exchanges to steal money.

"This is a rational state pursuing rational objectives," Hannigan told Infosec Europe delegates. Iran targeted banks and more recently unis, according to the attribution of Western intel agencies, the former spy boss said, warning that the Trump administration's rejection of a nuclear treaty with Iran could escalate tension in cyberspace.

Russia presents a greater threat in terms of sophistication and a greater overall danger, not least because it doesn't mind being destructive, Hannigan warned. The destructive element of attacks blamed on Russia includes NotPetya and attacks on the Ukrainian power grid.

Attacks attributed back to Russia have become more sophisticated, brazen and even a little bit reckless. Russia appears to be live-testing cyber-attacks, as has been speculated about the recent planting of the VPNFilter backdoor on routers, although the intent is unknown.

"It's unclear if that was a mistake or an experiment," Hannigan said. "Russia seems to be live testing things in cyber, as it has been [on the ground] in Syria, but it's a doctrine we don’t fully understand."

Power systems and hospitals are connected to the 'net and, as the WannaCry attack showed, the possibilities of collateral damage from malware are massive. "The problem is that the risk of miscalculation is huge," Hannigan warned. 

Asked at the start of an audience Q+A whether the UK was at cyberwar with Russia, Hannigan replied that it probably was. "It certainly feels like we are in a state of conflict," he mused.

Hannigan served as the GCHQ's director between November 2014 until January 2017. Highlights of his tenure include the creation of the NCSCas an operational part of GCHQ. Since leaving the signals intelligence agency, Hannigan has spoken out repeatedly against the advisability and practicality of encryption backdoors.

The Register

You Might Also Read: 

Cyber Attackers Will Soon Kill Somebody:

Former Spy Chief Takes Top Cybersecurity Job:

 

« Ukraine Says Russian Hackers Are Preparing A Massive Strike
A Guide To Addressing Corporate IoT Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Referentia

Referentia

Referentia leads the development of critical infrastructure solutions that benefit society, including cyber security and network performance management.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

Secret Intelligence Service (SIS - MI6)

Secret Intelligence Service (SIS - MI6)

The UK’s Secret Intelligence Service, also known as MI6, has three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.

BCyber

BCyber

BCyber is a Swiss Cyber Security company that provides security products, training, and managed services to protect diverse IT and OT environments against cyber, physical, and cyber-physical threats.

Responsive Technology Partners

Responsive Technology Partners

Responsive Technology Partners provides superior IT support services including cybersecurity and compliance, telephony, cloud services, cabling, access control, and camera systems.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

Cyberhill Partners

Cyberhill Partners

Cyberhill is a professional engineering services firm solving complex software implementation and integration challenges.

Symbiotic Security

Symbiotic Security

Symbiotic Security revolutionizes code security by integrating an AI-driven security coach directly within developers' IDEs.