Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks

Uploaded on 2018-06-28 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Former GCHQ chief Robert Hannigan has warned that the emergence of a commodity marketplace for hacking has changed and escalated the threat.

Crooks have solved the skills shortage problem by creating a gig economy and creating "more impressive" and capable tools. Hannigan made the comments during a keynote speech Weaponising the web: Nation-state hacking and what it means for enterprise cybersecurity at the Infosec 2018 conference in London.

During a wide-ranging presentation, the former cyber spy boss said that the problem posed by nation state attackers had increased over the last five years and become an issue for enterprises as well as governments. 

"Nation state attacks using criminal group as a proxy" is a "fairly new issue" and one of the issues along with the commoditisation of hacking tools that makes international geo-politics a feature of corporate security.
Nation states behave in cyberspace in the same way as the real world, Hannigan explained.

North Korea (a centre for counterfeiting) is attacking banks that are on the SWIFT network, as well as crypto exchanges to steal money.

"This is a rational state pursuing rational objectives," Hannigan told Infosec Europe delegates. Iran targeted banks and more recently unis, according to the attribution of Western intel agencies, the former spy boss said, warning that the Trump administration's rejection of a nuclear treaty with Iran could escalate tension in cyberspace.

Russia presents a greater threat in terms of sophistication and a greater overall danger, not least because it doesn't mind being destructive, Hannigan warned. The destructive element of attacks blamed on Russia includes NotPetya and attacks on the Ukrainian power grid.

Attacks attributed back to Russia have become more sophisticated, brazen and even a little bit reckless. Russia appears to be live-testing cyber-attacks, as has been speculated about the recent planting of the VPNFilter backdoor on routers, although the intent is unknown.

"It's unclear if that was a mistake or an experiment," Hannigan said. "Russia seems to be live testing things in cyber, as it has been [on the ground] in Syria, but it's a doctrine we don’t fully understand."

Power systems and hospitals are connected to the 'net and, as the WannaCry attack showed, the possibilities of collateral damage from malware are massive. "The problem is that the risk of miscalculation is huge," Hannigan warned. 

Asked at the start of an audience Q+A whether the UK was at cyberwar with Russia, Hannigan replied that it probably was. "It certainly feels like we are in a state of conflict," he mused.

Hannigan served as the GCHQ's director between November 2014 until January 2017. Highlights of his tenure include the creation of the NCSCas an operational part of GCHQ. Since leaving the signals intelligence agency, Hannigan has spoken out repeatedly against the advisability and practicality of encryption backdoors.

The Register

You Might Also Read: 

Cyber Attackers Will Soon Kill Somebody:

Former Spy Chief Takes Top Cybersecurity Job:

 

« Ukraine Says Russian Hackers Are Preparing A Massive Strike
A Guide To Addressing Corporate IoT Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Sangfor Technologies

Sangfor Technologies

Sangfor is a global leader of IT infrastructure, security solutions, and cloud computing.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

Neurosoft

Neurosoft

Neursoft is a fully integrated ICT company with Software Development, System Integration and Information Technology Security capabilities.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

BAI Security

BAI Security

BAI Security is a Nationally Recognized Leader in IT Security. Keeping your data safe and your business compliant is our singular focus.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

SpecTrust

SpecTrust

SpecTrust provides an all-in-one defense solution for identity abuse & fraud, enabling your company's talent to stay focused on the core business.

MyCena

MyCena

MyCena has developed a complete system of security, control and management for decentralised credentials.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.