The Growing Threat Of Russian Cyber Reprisals On Britain

Banks, energy and water companies are on maximum alert over the threat of a serious cyber-attack from Moscow as concern continues over the safety of Russian exiles in the UK.

Fears that Russia will target Britain’s critical national infrastructure have prompted round-the-clock threat assessments by the UK’s financial sector, energy firms and GCHQ, the UK’s largest intelligence agency, along with the security services MI5 and MI6.

The Bank of England, major financial institutions, including Lloyds and organisations such as Water UK are working with the government’s National Cyber Security Centre (NCSC) to assess the next move from Moscow following the murder of Nikolai Glushkov, 68, and the Salisbury chemical attack.

Scotland Yard on Saturday 17th March issued a renewed appeal for information for anyone who may have seen a burgundy red BMW owned by Sergei Skripal, 66, the former Russian spy who was found unconscious on 4 March in Salisbury along with his daughter, Yulia.

The pair were poisoned with a nerve agent and remain critical but stable in hospital. Glushkov, a businessman and a known critic of President Vladimir Putin, was found strangled at his home in London last week. 

Police across Britain have begun contacting Russian exiles to discuss their safety as they investigate the murder of Glushkov, understood to have been on a list of 22 “fugitives” published by the Russian embassy in London last year. Officers have yet to establish if there is a link between the attacks.

Intelligence officials, however, fear that Moscow may strike next using very different methods, referring to Russia’s involvement in the crippling NotPetya ransomware cyber-attack last year that targeted Ukraine’s financial, energy and government sectors before it spread across the world.

On Thursday 15th March the Trump administration accused Russia of engineering a series of cyber-attacks that targeted American and European nuclear power plants and water and electricity systems, the first time the United States has publicly accused Moscow of hacking into America’s energy infrastructure.

The UK’s NCSC is based inside GCHQ and notifies UK firms considered to be “critical national infrastructure” and the government of the latest threat level. It is monitoring significant Russian activity in the UK, though it is understood that no specific threat from Russia has emerged since the attempted murder of Skripal and his 33-year-old daughter and the murder of Glushkov. Robert Hannigan, a former director of GCHQ and the National Security Council, told the Observer that the NCSC was monitoring “very large volumes” of attacks every day on the UK, including its globally important financial services.
Hannigan, who was responsible for the UK’s first cyber strategy in 2009 and is now a senior associate fellow at the Royal United Services Institute, said that from his experience, which also includes three years as prime minister Tony Blair’s security adviser, he had never seen Russia so unpredictable and hostile. “In their [the Russians] current mood it’s hard to know what they will do. What’s different now is the willingness to be reckless, not to play by the rules that most civilised countries play by and not to worry about being found out. They no longer seem to care.”

Hannigan said they were continually detecting Russians on UK cyber networks. “They’re constantly being found on networks but it’s their intent that matters more than the fact they are there. The difficulty with cyber is that you can be on a network to gather intelligence or you can be on a network to do something destructive and the two look pretty much the same.”

A senior banking source, confirming that the sector was working closely with GCHQ and the security services to evaluate any threat from Russia, said they were also concerned about the risk of attack, not just from the Kremlin but from rogue elements caught up in the febrile climate that has prevailed since the Salisbury chemical attack. 

“It is possible that Russian patriots may take it upon themselves to make a point at a time like this,” said the source.
A Lloyds spokesman said: “We update and test our defences regularly and work closely with both industry bodies and law enforcement agencies to help us protect our customers.” 

A Water UK spokesperson, which represents the major water companies, said it was in regular contact with government officials to ensure its cyber defences were sufficiently robust. 

The UK government has floated the idea of fining organisations which fail to implement effective cyber security measures as part of plans to make Britain’s essential infrastructure resilient against future cyber-attacks. 

Beyza Unal, a research fellow at Chatham House’s international security department, said that the UK had been shoring up its defences in the face of the evolving cyber threat. “The UK has a really good cyber defence strategy planning as well as organisation, each sector talks to the government organisations,” she said.

Latest figures from the NCSC reveal more than 1,100 attacks over the past year, 590 significant. Thirty required action by government bodies, a number of which targeted the UK’s internationally important financial sector.

Guardian

You Might Also Read:

Russia Warns UK Against Cyber Retaliation:

British IT Bosses Fear Sophisticated Cyber Threats:

UK To Increase National Cyber Defences:
 

« North Korea's Cyber Soldiers Are Concealed Abroad
Millions Of Facebook Profiles Were ‘Harvested’ In US Election Breach »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO was founded in 2015 with the aim of counteracting the threats posed by globally organized cybercrime and state-controlled industrial espionage.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

Project Moore

Project Moore

Project Moore is an Amsterdam law firm specialising in IT-law and privacy.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Conseal Security

Conseal Security

Mobile app security testing done well. Conseal Security are specialists in mobile app penetration testing. Our expert-led security analysis quickly finds security vulnerabilities in your apps.

Cyware

Cyware

Cyware is the only company building Virtual Cyber Fusion Centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response for organizations globally.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

CV-Library

CV-Library

Start your job search with 216,931 live UK vacancies on award-winning CV-Library. Register your CV and find local jobs near you today!

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

DevOcean

DevOcean

DevOcean, the leader in Cybersecurity Exposure Remediation, helps organizations cut through the chaos by automatically consolidating, prioritizing, and streamlining fixes.