Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks

Former GCHQ chief Robert Hannigan has warned that the emergence of a commodity marketplace for hacking has changed and escalated the threat.

Crooks have solved the skills shortage problem by creating a gig economy and creating "more impressive" and capable tools. Hannigan made the comments during a keynote speech Weaponising the web: Nation-state hacking and what it means for enterprise cybersecurity at the Infosec 2018 conference in London.

During a wide-ranging presentation, the former cyber spy boss said that the problem posed by nation state attackers had increased over the last five years and become an issue for enterprises as well as governments. 

"Nation state attacks using criminal group as a proxy" is a "fairly new issue" and one of the issues along with the commoditisation of hacking tools that makes international geo-politics a feature of corporate security.
Nation states behave in cyberspace in the same way as the real world, Hannigan explained.

North Korea (a centre for counterfeiting) is attacking banks that are on the SWIFT network, as well as crypto exchanges to steal money.

"This is a rational state pursuing rational objectives," Hannigan told Infosec Europe delegates. Iran targeted banks and more recently unis, according to the attribution of Western intel agencies, the former spy boss said, warning that the Trump administration's rejection of a nuclear treaty with Iran could escalate tension in cyberspace.

Russia presents a greater threat in terms of sophistication and a greater overall danger, not least because it doesn't mind being destructive, Hannigan warned. The destructive element of attacks blamed on Russia includes NotPetya and attacks on the Ukrainian power grid.

Attacks attributed back to Russia have become more sophisticated, brazen and even a little bit reckless. Russia appears to be live-testing cyber-attacks, as has been speculated about the recent planting of the VPNFilter backdoor on routers, although the intent is unknown.

"It's unclear if that was a mistake or an experiment," Hannigan said. "Russia seems to be live testing things in cyber, as it has been [on the ground] in Syria, but it's a doctrine we don’t fully understand."

Power systems and hospitals are connected to the 'net and, as the WannaCry attack showed, the possibilities of collateral damage from malware are massive. "The problem is that the risk of miscalculation is huge," Hannigan warned. 

Asked at the start of an audience Q+A whether the UK was at cyberwar with Russia, Hannigan replied that it probably was. "It certainly feels like we are in a state of conflict," he mused.

Hannigan served as the GCHQ's director between November 2014 until January 2017. Highlights of his tenure include the creation of the NCSCas an operational part of GCHQ. Since leaving the signals intelligence agency, Hannigan has spoken out repeatedly against the advisability and practicality of encryption backdoors.

The Register

You Might Also Read: 

Cyber Attackers Will Soon Kill Somebody:

Former Spy Chief Takes Top Cybersecurity Job:

 

« Ukraine Says Russian Hackers Are Preparing A Massive Strike
A Guide To Addressing Corporate IoT Security »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Fortress Group

Fortress Group

Fortress is specialized in confidential and discrete recruitment solutions and temporary staffing in the field of security and risk management.

The Data Privacy Group

The Data Privacy Group

The Data Privacy Group provide expert professional services underpinned by world leading automation tools and a consulting team specialized in privacy and data protection.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

Eclypses

Eclypses

Eclypses has a disrupting cyber technology, offering organizations an advanced data security solution called MicroToken Exchange (MTE).

Ipseity Security

Ipseity Security

Ipseity Security provide security-centric advisory and consulting services for organizations to secure their perimeter-less digital transformation to meet business and security requirements.

Elitery

Elitery

Elitery is an IT-managed service company that focuses on cloud and cybersecurity services.