Russia-linked Hackers Want To ‘Destroy’ UK, Minister Warns

Businesses have been warned that Russian hackers want to ‘disrupt or destroy’ UK infrastructure, a government minister will tell a cyber security conference in Belfast.

Cabinet Office secretary, Oliver Dowden, in a speech to a CyberUK 2023 event in Belfast on Wednesday, will warn of the dangers posed by ‘ideologically motivated, rather than financially motivated’ hackers.

Dowden will issue a national alert in an effort to encourage British organisations and companies to bolster their cybersecurity defences.

Cyber resilience

The CyberUK 2023 conference in Belfast began with a welcome speech by Lindy Cameron, CEO of the UK’s National Cyber Security Centre (NCSC).

Cameron took over leading GCHQ’s NCSC in 2020 from Ciaran Martin, who had led NCSC since it began operations back in October 2016.

“Russia’s horrific and illegal invasion of Ukraine has seen them maintain a high operational tempo in their cyber operations, with the GRU taking a leading role,” Cameron told the conference.

“However, a significant collaborative effort mounted by Ukraine’s cyber defences – with support from foreign governments and the cyber security industry has been fundamental in reducing the effectiveness of Russian offensive cyber activity,” said Cameron.

Cameron added that she was “really proud of the role the NCSC played, in conjunction with FCDO and our allies, in supporting the Ukrainians’ staunch cyber defence in the face of Russian hostility.”

“If there is to be a single takeaway from the Russia-Ukraine conflict, it’s the importance of effective cyber resilience,” said Cameron. “However, I don’t think we are yet doing enough to protect our infrastructure from the cyber threats emerging from Russia-aligning groups.”

She said that Oliver Dowden would say more about this shortly.

In April 2022, the NCSC warned about the risk of Russian retaliation via state-sponsored and cyber criminals, against critical infrastructure.

National alert

According to Sky News, Oliver Dowden is expected to say that hackers linked to Russia can be compared to the Wagner paramilitary organisation.

Wagner is a Russian mercenary group that has been accused of carrying out multiple war crimes in Ukraine.

These groups are “ideologically motivated, rather than financially motivated,” and have begun to target Britain this year, Dowden will say.

Their main aim, he will add, is “to disrupt or destroy” and they are less likely to show the same level of restraint as national actors – making the situation “particularly concerning.”

In a sign of the growing danger, the National Cyber Security Centre is issuing an official threat notice to operators to help protect the country, Sky News reported.

Dowden will also reportedly tell the conference he is appealing to “companies in charge of keeping our country running, of keeping the lights on… our shared prosperity depends on them taking their own security seriously.”

Cyber accountability

“A bricks-and-mortar business wouldn’t survive if it left the back door open to criminals every night. Equally in today’s world, businesses can’t afford… to leave their digital back door open to cyber crooks and hackers,” he will say.

Dowden will announce measures that will encourage certain businesses “on the front line of our cyber defences” to strengthen their security and boost the economy.

The plans will also include proposals to bolster the government’s ability to hold operators of critical infrastructure to account.

These will include setting “specific and ambitious cyber resilience targets” for all critical national infrastructure sectors to meet by 2025.

Ministers will also try to bring all private sector businesses working in critical national infrastructure within the scope of cyber resilience regulations.

National defences

The national alert about the threat from Russian hackers led Jake Moore, global security advisor at ESET, to state that the UK’s cybersecurity defences constantly need a reform.

Moore also noted that this annual reminder is intended to keep decision makers firmly focused on improving protection of all organisations.

“When the UK’s critical infrastructure relies on third parties, it is everyone’s responsibility in the supply chain to keep the country secure,” said Moore.

“Better awareness training, partnerships with private companies and continual funding in up-to-date security products help thwart large scale attacks and make the security perimeter stronger.”

Serious warning

Another cybersecurity expert, Xavier Bellekens, CEO of Glasgow-based threat detection specialist Lupovis.io, warned that in the last year, since Russia’s invasion of Ukraine began, there has been a significant rise in Russian cybercrime activity.

Bellekens said that in light of this, “this announcement isn’t very surprising, but it shouldn’t be taken lightly.”

“The news from NCSC also correlates with what we are seeing through our decoys, which have been set up on the internet to learn about threat actor Techniques, Tactics and Procedures,” said Bellekens. “When a county or organisation publicly unites with Ukraine, they become a target for Russian threat actors, and critical infrastructure is frequently the victim.”

“Criminals understand the real devastation they can cause to society through attacks on critical infrastructure,” said Bellekens. “These attacks are not money motivated, they are carried out to cause harm to civilians by shutting down essential supplies, such as water, oil, gas or food manufacturers. And the bad news is, as our infrastructure grows increasingly connected through automation, they are much easier for attackers to execute.”

“With critical organisations being such a prime target today, these businesses must do more to protect their assets,” said Bellekens. “We often see OT networks being connected directly up to the web, which is a critical red flag that must stop. When it comes to cybersecurity, organisations must rely on segmentation, threat monitoring, vulnerability management and visibility to improve their defences.”