British Cyber Security Agency Issues An Alert

The British government's National Cyber Security Centre (NCSC) warned on 19th April of an emerging threat to Western critical national infrastructure posed by hackers sympathetic to Russia and its war on Ukraine. Although such groups are ideologically motivated and align themselves with Russian state interests, they are "not subject to formal state control," the alert said.

Now, a government minister has warned that Russia-aligned hackers are seeking to "disrupt or destroy" Britain's critical infrastructure.

The groups have started to focus on the UK in recent months, Cabinet Office Minister, Oliver Dowden says. These groups are ideologically motivated and not formally controlled by the Russian government, making them less predictable, according to the NCSC's alert.

Russia-aligned "hacktivists" have carried out a largely harmless online campaigns that have defaced prominent public websites or knocked them offline. However, some of those groups have been actively plotting ways to do more real-world damage, according to the NCSC. 

"Some have stated a desire to achieve a more disruptive and destructive impact against western critical national infrastructure, including in the UK... We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected," said the NCSC alert, which was released during a two-day security conference hosted by the NCSC and GCHQ in Belfast.

A successful cyber attack on critical national infrastructure such as an energy grid or water supply could be highly destructive and do serious real-world damage.

Gavin Millard, Deputy Chief Technology of leading cyber security firm Tenable observed that "Threats from state based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue... With an aging infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide ranging impacts to the population and economy."

In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 per cent drop in the number of ransomware attempts. It attributed this to several factors, including a “downward” trend in the number of organisations willing to pay cyber criminals. “With roughly two thirds of state-sponsored cyber attacks coming from Russia, and 75% of money generated by ransomware in 2021 going to groups “highly likely to be affiliated with Russia,” anything affecting that country has an outsized effect on cybercriminals, and in turn, cybercrime,” says the SonicWall Report.

Meanwhile, there has been increased government and law-enforcement focus on taking down ransomware criminals and the apparatus they use to support their business. This crackdown has come in the wake of several debilitating attacks on high-profile targets, such as the Colonial Pipeline attack in 2021.

John Fitzpatrick, CTO at cyber security services firm Jumpsec said “The specific threat that Oliver Dowden spoke of is somewhat different, these are groups sympathetic to Russia but not necessarily state-sponsored or sanctioned groups. Their capability is not to the level we typically associate with the Russian threat, and it is far less predictable... For those investing heavily in cyber resilience, this really should not change a lot, but the likelihood of Denial of Service (DoS) and other "low bar to entry" type attacks will, no doubt, increase and so it may be sensible for some organisation to validate their plans in those areas in light of this warning."

Russia’s invasion of Ukraine has also had some unexpected effects - many Russian based hackers have turned their attention to attacks related to the conflict, rather than ransomware, or have had their operations disrupted by sanctions against Russia.

SonicWall:        NBC:     Reuters:     FT:     BBC:   Cyprus Mail:     UPI

You Might Also Read: 

NCSC Alert: British Journalists & Politicians Are Hacking Targets:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

 


 

« Sharing Threat Intelligence
An Increasingly Diverse Attack Landscape »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Xage Security

Xage Security

Xage is the world’s first blockchain-protected security platform for Industrial IoT.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

AVORD

AVORD

AVORD is a cloud-based security testing platform that allows clients to manage security testing requirements in a far more productive and efficient way.

Quantum Generation

Quantum Generation

Quantum Cyber Security for a new age of communications. We are developing the largest decentralized orbital, and ground quantum mesh network based on blockchain technology.

Pioneer Search

Pioneer Search

Pioneer Search is a UK based Technology & Change, Electronics Engineering, Cyber Security & Cloud and Data & Analytics Employment Agency.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

G-71

G-71

G-71 LeaksID is a cutting-edge ITM technology aimed at safeguarding sensitive documents from insider threats.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

DV Cyber Security

DV Cyber Security

DV Cyber (formerly A76) is an innovative cyber security company vertically focused on Threat Intelligence and Cyber Security Research.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business’ needs.