Russia-linked hackers seek to ‘disrupt or destroy’ UK infrastructure

Ryan Daws is a senior editor at TechForge Media, with a seasoned background spanning over a decade in tech journalism.


UK Cabinet Office Minister Oliver Dowden has warned that Russia-aligned hackers are seeking to disrupt or destroy Britain’s critical infrastructure.

In a speech at the CyberUK conference in Belfast, Dowden unveiled new measures to support businesses “on the front line of our cyber defences” and described the hackers as “Wagner-like,” a reference to the Russian mercenaries fighting in Ukraine who have been repeatedly accused of war crimes.

The National Cyber Security Centre (NCSC) has also issued an official threat alert to critical businesses, recommending that organisations “act now” to protect themselves against the emerging cyber threat.

According to the NCSC, the hacking groups are often sympathetic to Russia’s invasion of Ukraine and are ideologically motivated. The alert warns that the groups are “less predictable” because they are “not subject to formal state control.”

The NCSC also stated that some groups have expressed a desire to achieve a more disruptive and destructive impact against Western critical national infrastructure, including in the UK, and they expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected.

Dowden’s announcement includes plans to set cyber resilience targets for critical sectors to meet within two years and to bring private sector businesses working on critical infrastructure into the scope of resilience regulations.

“These are the companies in charge of keeping our country running. Of keeping the lights on. Our shared prosperity depends on them taking their security seriously,” said Dowden. 

The warning comes as a reminder of the continued threat posed by state-sponsored hacking groups and their ability to cause widespread disruption. The UK government has taken steps to address the issue, but the onus is on businesses and organisations to ensure their own cyber defences are up to the task.

Gavin Millard, Deputy CTO for cybersecurity firm Tenable, commented:

“Threats from state-based actors against critical infrastructure isn’t new and, as we’ve seen from multiple statements from the US, is a constant issue. With an ageing infrastructure and a vast attack surface vulnerable to known flaws, it’s important to know the weaknesses threat actors target and mitigate in a timely manner, as a successful cyber attack against critical assets could have wide-ranging impacts to the population and economy.

“Attacks, such as those seen against JBS foods and the Colonial Pipeline, leveraged flaws such as Remote Desktop Protocol (RDP) and exposed Virtual Private Networks (VPNs) to gain initial access. Once a foothold had been found, gaining privileges and distributing malicious code was concerningly easy.

“To prevent such actions from occurring, it’s critically important that organisations take a preemptive approach to identifying and addressing these exposures before they are leveraged.”

With cyberattacks increasing in frequency and complexity, it is imperative that all critical infrastructure sectors take the necessary steps to protect themselves and mitigate the risks of an attack.

Locked Shields 2023

The official threat alert from the NCSC was issued the same week as Locked Shields 2023 kicked off.

Locked Shields is the world’s largest live-fire cyber defense exercise and is organised by the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE).

“No other cyber defense exercise can offer as specialised and detailed of an experience as Locked Shields can. 24 Blue Teams from around the world must keep critical infrastructure and IT systems up and running,” said CCDCOE director Mart Noorma.

“Teams can demonstrate how well they can keep systems running under real-life situations and high pressure.”

Locked Shields has over 3,000 participants from 38 nations, including some that are not full NATO members.

“Technical specialists cannot solve a cyber crisis alone. Usually, decision-makers and experts from different governmental bodies and walks of life are those who try to repel the attacks,” added Noorma.

“This is why, in addition to cyber defense, we focus on strategy games, legal issues, and crisis communication at Locked Shields. Cooperation must be swift, because a large cyber attack can quickly escalate into a large-scale security crisis, and these kinds of exercises allow us to be better prepared.”
