Russia-linked groups seek to ‘destroy’ UK critical infrastructure, minister warns
Image credit: Canva
The UK is facing “ideologically motivated” cyber threats from Russia-aligned groups, Cabinet Office minister Oliver Dowden has warned in a speech.
In response to the rising threat from state-backed hackers, the National Cyber Security Centre (NCSC) will issue an “official threat notice” to operators of critical national infrastructure.
The move has been confirmed by Dowden, who used his appearance at the CyberUK conference in Belfast to stress the importance of cyber security for the UK economy, warning against "ideologically-motivated" attackers that seek to "disrupt or destroy" the nation's critical infrastructure.
"Ransomware is no longer just a crime," Dowden said. "It is a national security threat and our response needs to reflect the severity of that threat. These are attacks on our citizens, our businesses and our democracy. They are an attempt to undermine our society."
The minister stressed that over the last 18 months the NCSC has seen an increase in activity from several Russia-aligned groups sympathetic to Putin’s invasion of Ukraine. Described as "the cyber equivalent of the Wagner group", these actors have expanded their targets beyond Ukraine and begun focusing on its allies, including the UK, with a view to destroying the country's critical infrastructure, Dowden said.
In order to respond to this threat, the NCSC is recommending that organisations take immediate action to protect themselves.
"This is an unprecedented warning for businesses," the minister said. "We have never publicly highlighted the threat from these kinds of groups attempting such attacks before.
"We do believe it is necessary at this point in time, if we want companies to understand the current threat they currently face and to take action to defend themselves and the country against such attacks."
In his speech, Dowden specifically referred to critical infrastructure companies, which he described as "companies in charge of keeping our country running", and stated that the UK's prosperity "depends on them taking their own security seriously".
The NCSC has also warned that the groups are "less predictable" because they "not subject to formal state control" and therefore are less likely to show restraint.
In order to combat this threat, Dowden announced a new set of cyber-security measures, known as GovAssure, aimed at protecting the UK’s critical IT systems. Moreover, the minister revealed the government's plans to to set “specific and ambitious cyber-resilience targets” for all critical national infrastructure sectors to meet within two years.
However, to be able to achieve this, the government “needs to break through its own glass ceiling” on attracting talented cyber-trained experts, Dowden admitted, promising to look at whether salaries can be improved.
Lindy Cameron, CEO of the NCSC, has also called for the UK's critical national infrastructure to be protected from hackers.
"What we are still seeing is quite low-level activity but it is really important that our critical national infrastructure is well-protected and resilient," she told BBC Radio 4's Today programme. “We want to ensure people are ready for the kind of threat they could face in the future."
Over the past three years, the Covid-19 pandemic and Russia's invasion of Ukraine have created conditions that have favoured a dramatic increase in cyber crime, turning the cyber space into “the domain of warfare”.
In the past year, the UK’s NHS, Apple in the US and even the Albanian government have all suffered severe cyber attacks that have disrupted their services and put their users’ personal information at risk. Many of these attacks have been linked to state-sponsored groups from nations such as Russia and China, which were found to have sponsored 44 and 38 cyber attacks, respectively, in 2022.
Earlier this year, Royal Mail suffered a ransomware attack that affected its computer systems and disrupted its services. The attack was claimed by LockBit, a hacker group with close links to Russia.
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.