Iran, Russia and China behind most major cyberattacks on UK, security chief warns
The head of the UK’s National Cyber Security Center (NCSC) is set to reveal that hostile states including China, Iran and Russia are responsible for most of the major national cyber attacks targeting the UK.
Dr Richard Horne will speak at the annual CyberUK conference in Glasgow on Wednesday, highlighting that rapid technological developments and rising international tensions are creating a “turbulent sense of uncertainty” for the country.
Dr Horne is expected to warn that businesses must be prepared to defend themselves against cyber attacks without resorting to ransom payments.
He will warn that Britain could face “large-scale” attacks if it becomes embroiled in an international conflict. The NCSC, an arm of GCHQ, currently oversees around four nationally significant incidents each week. While these figures remain “fairly stable”, Dr Horne will highlight that many of them are driven by hostile state actors such as China, Iran and Russia.
“Criminal activity such as ransomware remains the most common threat to the vast majority of organizations.
“However, the majority of major national events that my teams cover now originate directly or indirectly from nation states.
“We know that China’s intelligence and military agencies now demonstrate an eye-watering level of sophistication in their cyber operations.
“This, combined with their whole-of-government approach, means we face not just a powerful cyber threat, but a peer adversary in cyberspace.
“We know that Iran is almost certainly using cyber activities to support the suppression of British people on our streets who are seen as a threat to the regime.
“And we know that Russia is taking the cyber lessons it learned on the battlefield and taking them beyond the battlefield.
“Tactics and techniques developed in conflicts are now directed at states considered enemies.”
He is expected to say that “Russia’s hybrid activity targeting assets in the UK and Europe continues.”
Earlier this month, hackers affiliated with Russia’s GRU military intelligence agency were accused of exploiting a weakness in commonly used internet routers to steal users’ sensitive information.
The NCSC said the APT28 group, also known as Fancy Bear, was able to redirect internet traffic to enable hackers to collect people’s email login passwords and other data.
Dr Horne will tell the conference that businesses need to be able to protect themselves against hackers and other cyber attacks without having to pay ransom to save themselves.
“If we were in or near a conflict situation, the UK would likely face large-scale hacktivist attacks with similar impacts and sophistication to the ransomware attacks we see today, but without the option of paying ransom to aid recovery.
“Defending against this means every organization incorporates cybersecurity into their corporate mission and ensures they understand the extent of the risk they face.”
He says Britain should embrace the use of AI as quickly as adversaries are using it to attack, and businesses should plan for the future when quantum computers could break widely used encryption processes.
Dr Horne will tell delegates that cybersecurity is an important part of defense amid rising international tensions.
“We are experiencing the most shocking geopolitical change in modern history,” he will say.
“As MI6 chief Blaise Metreweli said in December, our world is now more dangerous and controversial than it has been in decades.
“We operate in a space between peace and war. Let’s be clear, cyberspace is part of this competition.”
CyberUK is the UK government’s annual cybersecurity conference.
