British Cyber Security Agency Issues An Alert

The British government's National Cyber Security Centre (NCSC) warned on 19th April of an emerging threat to Western critical national infrastructure posed by hackers sympathetic to Russia and its war on Ukraine. Although such groups are ideologically motivated and align themselves with Russian state interests, they are "not subject to formal state control," the alert said.

Now, a government minister has warned that Russia-aligned hackers are seeking to "disrupt or destroy" Britain's critical infrastructure.

The groups have started to focus on the UK in recent months, Cabinet Office Minister, Oliver Dowden says. These groups are ideologically motivated and not formally controlled by the Russian government, making them less predictable, according to the NCSC's alert.

Russia-aligned "hacktivists" have carried out a largely harmless online campaigns that have defaced prominent public websites or knocked them offline. However, some of those groups have been actively plotting ways to do more real-world damage, according to the NCSC. 

"Some have stated a desire to achieve a more disruptive and destructive impact against western critical national infrastructure, including in the UK... We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected," said the NCSC alert, which was released during a two-day security conference hosted by the NCSC and GCHQ in Belfast.

A successful cyber attack on critical national infrastructure such as an energy grid or water supply could be highly destructive and do serious real-world damage.

Gavin Millard, Deputy Chief Technology of leading cyber security firm Tenable observed that "Threats from state based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue... With an aging infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide ranging impacts to the population and economy."

In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 per cent drop in the number of ransomware attempts. It attributed this to several factors, including a “downward” trend in the number of organisations willing to pay cyber criminals. “With roughly two thirds of state-sponsored cyber attacks coming from Russia, and 75% of money generated by ransomware in 2021 going to groups “highly likely to be affiliated with Russia,” anything affecting that country has an outsized effect on cybercriminals, and in turn, cybercrime,” says the SonicWall Report.

Meanwhile, there has been increased government and law-enforcement focus on taking down ransomware criminals and the apparatus they use to support their business. This crackdown has come in the wake of several debilitating attacks on high-profile targets, such as the Colonial Pipeline attack in 2021.

John Fitzpatrick, CTO at cyber security services firm Jumpsec said “The specific threat that Oliver Dowden spoke of is somewhat different, these are groups sympathetic to Russia but not necessarily state-sponsored or sanctioned groups. Their capability is not to the level we typically associate with the Russian threat, and it is far less predictable... For those investing heavily in cyber resilience, this really should not change a lot, but the likelihood of Denial of Service (DoS) and other "low bar to entry" type attacks will, no doubt, increase and so it may be sensible for some organisation to validate their plans in those areas in light of this warning."

Russia’s invasion of Ukraine has also had some unexpected effects - many Russian based hackers have turned their attention to attacks related to the conflict, rather than ransomware, or have had their operations disrupted by sanctions against Russia.

SonicWall:        NBC:     Reuters:     FT:     BBC:   Cyprus Mail:     UPI

You Might Also Read: 

NCSC Alert: British Journalists & Politicians Are Hacking Targets:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

 


 

« Sharing Threat Intelligence
An Increasingly Diverse Attack Landscape »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cast Software

Cast Software

CAST is a pioneer in Software Analysis and Measurement (SAM) to capture and quantify the reliability and security of business applications.

Granite Partners

Granite Partners

Granite is a cloud service for the development of business risk management, cyber security and privacy and occupational safety and health.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Bolster

Bolster

Bolster (formerly RedMarlin) is an AI-based cyber-security platform designed to detect phishing and fraudulent sites in real-time.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

TekSynap

TekSynap

TekSynap is a full spectrum Information Technology services provider to federal government agencies.

Valency Networks

Valency Networks

Valency Networks provide cutting edge results in the areas of Vulnerability Assessment and Penetration Testing services for webapps, cloud apps, mobile apps and IT networks.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

Qevlar AI

Qevlar AI

Qevlar AI empowers SOC teams, to eliminate redundant tasks and refocus on what truly matters - making the most of every employee within the SecOps team.

Point Wild

Point Wild

Point Wild is a holding company that acquires, integrates and manages a diverse portfolio of best-in-class cybersecurity brands for consumers and enterprises.

CyberNINES

CyberNINES

CyberNINES is a business specializing in helping US Department of Defense contractors become compliant and attest to federal cybersecurity regulation requirements.