Ministers are to unveil a series of measures to help companies counter Russian hackers who they warn want to “interrupt or destroy” critical UK infrastructure.
Cabinet Secretary Oliver Dowden said in a speech in Belfast this morning that “hackers like Wagner” – referring to Russian mercenaries fighting in Ukraine – pose a serious threat to the UK.
Speaking at the CyberUK conference in Belfast, Mr Dowden said: “Revealing this threat is not something we do lightly.”
“But we believe it is necessary if we want these companies to recognize the current risks they face and take action to protect themselves and the country.”
The National Cyber Security Center (NCSC), part of the intelligence and security agency GCHQ, also warned companies of the threat.
What threat do Russian hackers pose?
Since the Russian invasion of Ukraine began, according to the NCSC, “a new class of Russian cyberenemies has emerged” consisting of “pro-state groups often sympathetic to the Russian invasion.”
These actors are motivated “ideologically rather than financially” and “are not subject to formal state control”, which means that their actions are “less predictable”.
According to the NCSC, these hackers often target distributed denial-of-service (DDoS) attacks when a system’s bandwidth or resources are overwhelmed by heavy activity, as well as obfuscating websites and spreading misinformation.
But he also warned that these actors “expressed a desire to exert a more disruptive and disruptive influence on the West’s critical national infrastructure” but did not specify what form this might take.
“We expect these groups to look for ways to have such an impact, especially where systems are poorly secured,” the post reads.
It is “unlikely” for such unaided groups to “act more destructive than destructive” in the short term.
But the NCSC said “organizations are acting now to manage the risk of successful attacks in the future.”
Does China also pose a threat to cyber security?
Lindy Cameron, CEO of NSCS, will warn of the dangers of “China’s dramatic rise as a tech superpower” in a speech to CyberUK in Belfast.
She told Sky News: “What I’m saying about China is that, as we say in the comprehensive review, China is a game-changing threat.”
She added: “The scale and speed of their ambition and technology is something that everyone at the conference should take seriously.
“We should not be surprised that as technology changes and improves, our adversaries are also thinking about how to use it. It’s not a shock.”
Concern over China’s influence has already prompted the UK government to ban Chinese video-sharing app TikTok on the mobile phones of ministers and civil servants.
A similar step was also taken by the US authorities and the European Commission.
Have the attacks already begun?
Speaking on BBC Radio 4 Today Speaking on Wednesday’s program, Ms Cameron said there had been “pretty little activity” in the UK in recent months, but there had been “really significant cyber activity in Ukraine as a result of the conflict with Russia.”
“We want to make sure people are ready for the consequences if these groups care about more than just Ukraine,” she said.
Asked if there had been any attempts to target the UK, she added: “We’re seeing some evidence of this, but I won’t go into details.”
What is the government doing about this?
In a speech on Wednesday, Mr Dowden, Chancellor of the Duchy of Lancaster, will announce that critical sectors will be given cyber resilience targets to achieve within two years.
Private sector companies involved in the protection of critical infrastructure are also covered by the plans.
“These are companies that should ensure the work of our country. So the light is on,” he says.
Our common prosperity depends on them taking their own security seriously.
How can companies protect themselves?
The NCSC recommended that organizations follow their existing guidance on what to do in the event of an increase in cyber threats, including ensuring that core cybersecurity principles are in place to protect their devices, networks and systems.
These measures include keeping devices and software up to date, encouraging employees to use strong passwords and multi-factor authentication, and a cyberattack plan.
Businesses are also encouraged to monitor third party access to their IT systems and inform NCSC of any threats.
Source: I News
With a background in journalism and a passion for technology, I am an experienced writer and editor. As an author at 24 News Reporter, I specialize in writing about the latest news and developments within the tech industry. My work has been featured on various publications including Wired Magazine and Engadget.