Monday, April 23, 2018

Russia Suspected of Hacking Campaign

The UK's National Cyber Security Centre (NCSC), the FBI and the US Department of Homeland Security have warned that Russia may be behind a broad hacking offensive targeting millions of machines that direct data around the net.

Networking Equipment Targeted

US and UK security agencies have issued a joint internet security alert warning and have been reported as suggesting that a surge in global hacks targeting the networking equipment used to move traffic across the net is the result of a Russian state-sponsored campaign.

Why?

Some commentators have suggested that the deterioration between the relationship between Russia and the West resulting from issues like accusations of election meddling, the poisonings in Salisbury, and arguments over the Syrian conflict may have contributed to an online revenge offensive.

As well as the disruption caused, the aim appears to be espionage / the theft of information (which actually dates back at least to the late 1990s), and the threat (so far) of destructive acts of sabotage e.g. disabling parts of the electricity grid. These kinds of suspicions have arisen because many recent hacks appear to be pre-positioning in networks that are part of the critical national infrastructure.

Cyber War Ahead?

While we are being told that we have returned to another 'Cold War' situation, some commentators have suggested that we may be on the brink of a cyber-war with Russia, even though there has not been any real significant cyber-attack or change of behaviour from Russia.

Although Russia has been accused of launching destructive attacks against Ukraine, which had a negative effect on businesses there, and despite the apparent reported increase in cyber-attacks from Russia, it is still difficult for many to say whether Russia has the capability to carry out very destructive cyber attacks. Cyber attacks are often harder to trace and easier to deny than military attacks.

UK’s Own Offensive

It is worth remembering too, that as well as having defences in place, the UK has its own offensive cyber-capability, honed for over a decade, starting in the conflict in Afghanistan. Recently, for example, the UK and the US are reported to have targeted the Islamic State group with cyber attacks, with some degree of success. It would be naive to assume, therefore, that the UK is not planning / undertaking its own activities in Russia e.g. pre-positioning in Russian networks to be able to respond to any Russian cyber aggression.

What Does This Mean For Your Business?

At the moment, it is simply a case that a warning has been issued. If a cyber-conflict does start in a noticeable way, as in real war, it is likely to be individuals, businesses, and other organisations and other services that suffer e.g. service providers, firms running critical infrastructure, government departments and large companies first, followed by other UK businesses. The Internet plays an essential role in modern business and disruption of vital network infrastructure could damage UK businesses and their competitiveness in the home and global market.

UK businesses also face the threat of foreign state-sponsored attacks designed to spy on / steal data, and undermine firewalls and intrusion detection systems used to spot malicious traffic before it reaches users. It has never been more important, therefore, for businesses to configure security systems correctly, apply patches and address any hardware vulnerabilities, and to make sure that their cyber resilience is at its best across all possible channels.

No comments: