Proliferation of ‘hackers for hire’ risks UK cyber-security, agency says
The mercenary hacker market is set to grow significantly over the next five years, leading to increasingly unpredictable threats, the UK's cyber-security agency has warned.
A proliferation of hostile cyber capabilities has already enabled more states, gangs and individuals to develop the ability to hack and spy online, according to the National Cyber Security Centre's (NCSC) latest report.
The NCSC – a part of GCHQ – warned that thousands of people are being targeted each year by hackers using surveillance software, which it described as posing an unpredictable threat.
The report highlights that 80 countries have purchased cyber intrusion software over the past 10 years. This included off-the-shelf capability, which the report described as "hacking-as-a-service", as well as hacking services, dubbed "hackers-for-hire".
The agency stressed that these commercial products are sophisticated enough to be as effective as some of the tools developed by nation-states. It added that some nations have "almost certainly" used the technology to target journalists, human rights activists, political dissidents and opponents, and foreign government officials.
"Over the next five years, the proliferation of cyber tools and services will have a profound impact on the threat landscape, as more state and non-state actors obtain capabilities and intelligence not previously available to them," said Jonathon Ellison, director of resilience and future tech at NCSC.
"Our new assessment highlights that the threat will not only become greater but also less predictable as more hackers for hire are tasked with going after a wider range of targets and off-the-shelf products and exploits lower the barrier to entry for all."
The report was published to coincide with CyberUK, an annual cyber-security conference hosted by the NCSC. The two-day conference is taking place this year in Belfast.
It also followed the speech made by senior British minister Oliver Dowden at the same conference. Dowden used his appearance at the CyberUK conference in Belfast to stress the importance of cyber security for the UK economy and warn against “ideologically-motivated” attackers that seek to “disrupt or destroy” the nation’s critical infrastructure.
“Ransomware is no longer just a crime,” Dowden said. “It is a national security threat and our response needs to reflect the severity of that threat. These are attacks on our citizens, our businesses and our democracy. They are an attempt to undermine our society.”
Over the past three years, the Covid-19 pandemic and Russia’s invasion of Ukraine have created conditions that have favoured a dramatic increase in cyber crime, effectively turning cyberspace into what Australia's cyber-security agency has described as “the domain of warfare”.
In the past year, the UK’s NHS, Apple in the US and even the Albanian government have all suffered severe cyber attacks that have disrupted their services and put their users’ personal information at risk. Many of these attacks have been linked to state-sponsored groups from nations such as Russia and China, which were found to have sponsored 44 and 38 cyber attacks, respectively, in 2022.
Earlier this year, Royal Mail suffered a ransomware attack that affected its computer systems and disrupted its services. The attack was claimed by LockBit, a hacker group with close links to Russia.