Former UK Spy Boss Say Russia Is 'live testing' Cyber-Attacks

Former GCHQ chief Robert Hannigan has warned that the emergence of a commodity marketplace for hacking has changed and escalated the threat.

Crooks have solved the skills shortage problem by creating a gig economy and creating "more impressive" and capable tools. Hannigan made the comments during a keynote speech Weaponising the web: Nation-state hacking and what it means for enterprise cybersecurity at the Infosec 2018 conference in London.

During a wide-ranging presentation, the former cyber spy boss said that the problem posed by nation state attackers had increased over the last five years and become an issue for enterprises as well as governments. 

"Nation state attacks using criminal group as a proxy" is a "fairly new issue" and one of the issues along with the commoditisation of hacking tools that makes international geo-politics a feature of corporate security.
Nation states behave in cyberspace in the same way as the real world, Hannigan explained.

North Korea (a centre for counterfeiting) is attacking banks that are on the SWIFT network, as well as crypto exchanges to steal money.

"This is a rational state pursuing rational objectives," Hannigan told Infosec Europe delegates. Iran targeted banks and more recently unis, according to the attribution of Western intel agencies, the former spy boss said, warning that the Trump administration's rejection of a nuclear treaty with Iran could escalate tension in cyberspace.

Russia presents a greater threat in terms of sophistication and a greater overall danger, not least because it doesn't mind being destructive, Hannigan warned. The destructive element of attacks blamed on Russia includes NotPetya and attacks on the Ukrainian power grid.

Attacks attributed back to Russia have become more sophisticated, brazen and even a little bit reckless. Russia appears to be live-testing cyber-attacks, as has been speculated about the recent planting of the VPNFilter backdoor on routers, although the intent is unknown.

"It's unclear if that was a mistake or an experiment," Hannigan said. "Russia seems to be live testing things in cyber, as it has been [on the ground] in Syria, but it's a doctrine we don’t fully understand."

Power systems and hospitals are connected to the 'net and, as the WannaCry attack showed, the possibilities of collateral damage from malware are massive. "The problem is that the risk of miscalculation is huge," Hannigan warned. 

Asked at the start of an audience Q+A whether the UK was at cyberwar with Russia, Hannigan replied that it probably was. "It certainly feels like we are in a state of conflict," he mused.

Hannigan served as the GCHQ's director between November 2014 until January 2017. Highlights of his tenure include the creation of the NCSCas an operational part of GCHQ. Since leaving the signals intelligence agency, Hannigan has spoken out repeatedly against the advisability and practicality of encryption backdoors.

The Register

You Might Also Read: 

Cyber Attackers Will Soon Kill Somebody:

Former Spy Chief Takes Top Cybersecurity Job:

 

« Ukraine Says Russian Hackers Are Preparing A Massive Strike
A Guide To Addressing Corporate IoT Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

JLT Specialty

JLT Specialty

JLT Specialty is a leading specialist insurance broker. Services offered include Cyber Risks insurance.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Kaymera Technologies

Kaymera Technologies

Kaymera’s comprehensive mobile enterprise security solution defends against all mobile threat and attack vectors.

Assured Information Security (AIS)

Assured Information Security (AIS)

AIS is committed to providing our customers with critical information security products, services, and training. We support diverse needs throughout business and industry.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

WiebeTech

WiebeTech

WiebeTech’s line of digital forensics tools provide innovative and rugged devices for efficient disk imaging and evidence capture.

Gulf Business Machines (GBM)

Gulf Business Machines (GBM)

GBM is a leading end-to-end digital solutions provider, offering the broadest portfolio, including industry-leading digital infrastructure, digital business solutions, security and services.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.