Cyber Attack On Britain’s Defence Academy

Uploaded on 2022-01-03 in GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Hackers

A cyber attack on Britain's national Defence Academy, possibly by Russia or China, has caused “significant” damage, says a retired high-ranking officer. 

Air Marshal Edward Stringer, who retired in August, said the attack which was first discovered in March 2021 and meant the Defence Academy was required to rebuild its network. 

The targeting of an academic institution is an indication of how the frontline in modern warfare can be anywhere, the former director general of the academy told Sky News.He did not know if criminals or a hostile state, like China, Russia, Iran or North Korea, were responsible, but the damage has yet to be fully rectified nine months later

Stringer said the attack, was first detected March 2021, meant the Defence Academy was forced to rebuild its network. Stringer did not know if criminals or a hostile state, such as China, Russia, Iran or North Korea, were responsible but the damage has yet to be fully rectified. “It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack that was just, you know, a genuine criminal organisation... There were costs to … operational output. There were opportunity costs in what our staff could have been doing when they were having to repair this damage." he said. 

News of this event appears alongside disclosure of a similar damaging attack on Belgian defence networks. 

It is the first time a senior officer has spoken on the record about the cyber attack and its impact on the academy, which is based in Shrivenham, Oxfordshire, and teaches thousands of British and overseas military officers every year. The school teaches 28,000 military personnel, diplomats and civil servants a year and moved more online during the pandemic.

Stringer the attack was not successful and while the hackers may have been using the academy as a “backdoor” to other Ministry of Defence systems, there were no breaches beyond the school.

Air Marshall Stringer was also director general of joint force development and led British military thinking about how it would adapt to the future of warfare, said the attack fell within a so-called grey zone of harm, which falls below the threshold of war

The National Cyber Security Centre, a branch of GCHQ, was also made aware of the hack and a British Defence Ministry official said: “In March 2021 we were made aware of an incident impacting the Defence Academy IT infrastructure. We took swift action and there was no impact on the wider Ministry of Defence IT network. Teaching at the Defence Academy has continued.”

GBNews:        Sky:         Independent:      Leicester Mercury:       Enfield Independent:      Guardian

You Might Also Read:

British Military Aim To Reduce Their Attack Surface:

 

« Malicious Joker App Gets Half A Million Downloads
NSO Spyware Used To Hack Political Leaders In Poland »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

Sift

Sift

The Sift Digital Trust Platform protects your business and customers from all vectors of fraud and abuse through our Live Machine Learning, global trust network and automation technologies.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

redGuardian

redGuardian

redGuardian is a DDoS mitigation solution available both as a BGP-based service and as an on-premise platform.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Snowflake

Snowflake

Empower your cybersecurity and compliance teams with Snowflake. Gain full visibility into security logs, at massive scale, while reducing costs of Security Information and Event Management systems.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

Cybecs Security Solutions

Cybecs Security Solutions

Cybecs was founded to address rapid technological advancement, changing business models, global privacy regulations, and increasing cyber threats for global organizations.

Merkle Science

Merkle Science

Merkle Science provides next generation risk mitigation, compliance and forensics for crypto-native businesses, DeFi participants, financial institutions & government agencies.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.

Secure Cyber Management

Secure Cyber Management

Secure Cyber Management provides industry-leading cloud security advice, guidance and services.