British Cyber Security Agency Issues An Alert

Uploaded on 2023-04-19 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW

The British government's National Cyber Security Centre (NCSC) warned on 19th April of an emerging threat to Western critical national infrastructure posed by hackers sympathetic to Russia and its war on Ukraine. Although such groups are ideologically motivated and align themselves with Russian state interests, they are "not subject to formal state control," the alert said.

Now, a government minister has warned that Russia-aligned hackers are seeking to "disrupt or destroy" Britain's critical infrastructure.

The groups have started to focus on the UK in recent months, Cabinet Office Minister, Oliver Dowden says. These groups are ideologically motivated and not formally controlled by the Russian government, making them less predictable, according to the NCSC's alert.

Russia-aligned "hacktivists" have carried out a largely harmless online campaigns that have defaced prominent public websites or knocked them offline. However, some of those groups have been actively plotting ways to do more real-world damage, according to the NCSC. 

"Some have stated a desire to achieve a more disruptive and destructive impact against western critical national infrastructure, including in the UK... We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected," said the NCSC alert, which was released during a two-day security conference hosted by the NCSC and GCHQ in Belfast.

A successful cyber attack on critical national infrastructure such as an energy grid or water supply could be highly destructive and do serious real-world damage.

Gavin Millard, Deputy Chief Technology of leading cyber security firm Tenable observed that "Threats from state based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue... With an aging infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide ranging impacts to the population and economy."

In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 per cent drop in the number of ransomware attempts. It attributed this to several factors, including a “downward” trend in the number of organisations willing to pay cyber criminals. “With roughly two thirds of state-sponsored cyber attacks coming from Russia, and 75% of money generated by ransomware in 2021 going to groups “highly likely to be affiliated with Russia,” anything affecting that country has an outsized effect on cybercriminals, and in turn, cybercrime,” says the SonicWall Report.

Meanwhile, there has been increased government and law-enforcement focus on taking down ransomware criminals and the apparatus they use to support their business. This crackdown has come in the wake of several debilitating attacks on high-profile targets, such as the Colonial Pipeline attack in 2021.

John Fitzpatrick, CTO at cyber security services firm Jumpsec said “The specific threat that Oliver Dowden spoke of is somewhat different, these are groups sympathetic to Russia but not necessarily state-sponsored or sanctioned groups. Their capability is not to the level we typically associate with the Russian threat, and it is far less predictable... For those investing heavily in cyber resilience, this really should not change a lot, but the likelihood of Denial of Service (DoS) and other "low bar to entry" type attacks will, no doubt, increase and so it may be sensible for some organisation to validate their plans in those areas in light of this warning."

Russia’s invasion of Ukraine has also had some unexpected effects - many Russian based hackers have turned their attention to attacks related to the conflict, rather than ransomware, or have had their operations disrupted by sanctions against Russia.

SonicWall:        NBC:     Reuters:     FT:     BBC:   Cyprus Mail:     UPI

You Might Also Read: 

NCSC Alert: British Journalists & Politicians Are Hacking Targets:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

 


 

« Sharing Threat Intelligence
An Increasingly Diverse Attack Landscape »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Voyager Networks

Voyager Networks

Voyager Networks is an IT solutions business with a focus on Enterprise Networks, Security and Collaborative Communications.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

Myra Security

Myra Security

Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

Eclypsium

Eclypsium

Eclypsium protects organizations from the foundation of their computing infrastructure upward, controlling the risk and stopping threats inside firmware of laptops, servers, and networks.

Abacode

Abacode

Abacode is a Managed Security Services Provider (MSSP). We help businesses consolidate all of their Regulatory Compliance & Cybersecurity needs, under one roof.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

RMRF Tech

RMRF Tech

RMRF is a team of cybersecurity engineers and penetration testers which specializes in the development of solutions for early cyber threat detection and prevention.

Virtual Technologies Group (VTG)

Virtual Technologies Group (VTG)

Virtual Technologies Group is a single source, IT product and services provider for SMBs and IT departments, delivering reliable, cost-efficient service, maintenance and support solutions.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

Vernetzen

Vernetzen

Vernetzen is an industrial network and cybersecurity innovator focused on delivering practical solutions to connect and secure industry across the globe.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.

GrayHats

GrayHats

GrayHats is a platform-based cybersecurity company devoted to delivering comprehensive, scalable, and proactive protection for businesses in an ever-evolving threat landscape.