The Russia connectionRussia’s “destructive” bugs lurking in U.K. computers waiting to strike: U.K. chief cyber spook
Russia already has “destructive” bugs hidden, lurking in British computers waiting to strike, the head of U.K. National Cyber Security Center told a parliamentary committee. Ciaran Martin said that the Kremlin’s list of targets to be disrupted has expanded beyond the U.K.’s “hard infrastructure” such as energy networks to include democratic institutions and the media. “In the last two years, we have seen a consistent rise in the appetite for attack from Russia on critical sectors, as well as diversification to other sectors they may attack. In addition to the more traditional targeting of hard infrastructure, like energy infrastructure, we have seen against the West as a whole the targeting of softer power - democratic institutions, media institutions and things relating to freedom of speech,” Martin said.
Ciaran Martin, the chief executive of the U.K. National Cyber Security Center (NCSC) told the parliamentary Joint Committee on National Security Strategy that Russia already has “destructive” bugs hidden, lurking in British computers waiting to strike.
Martin that the Kremlin’s list of targets to be disrupted has expanded beyond the U.K.’s “hard infrastructure” such as energy networks to include democratic institutions and the media.
“In the last two years, we have seen a consistent rise in the appetite for attack from Russia on critical sectors, as well as diversification to other sectors they may attack.
“In addition to the more traditional targeting of hard infrastructure, like energy infrastructure, we have seen against the West as a whole the targeting of softer power - democratic institutions, media institutions and things relating to freedom of speech,” Martin said.
He also noted the growing cyber activity by North Korea: “We have seen a diversification by North Korea away from what might be called political retaliation attacks into, frankly, the theft of money, which is what we believe was behind the WannaCry attack.”
The Mirror reports that Martin emphasized the threat from bugs in systems waiting to be activated.
“Are we concerned about lurking hostile presences on networks? Yes,” he said.
“Does that mean they can be automatically and immediately turned hostile? I think it’s a bit more complicated.”
He warned of a “sustained Russian presence in the U.K. and U.S. internet infrastructure” as a part of a “campaign”.
“It’s a foothold, it’s an intrusion that you can use for ongoing espionage purposes or you can use to develop it as the potential for a hostile and disruptive and destructive act in the future,” he added.
David Lidington, Prime Minister Theresa May’s deputy, told the parliamentary committee that last year’s WannaCry ransomware attack, which paralyzed computers across the National Health Service (NHS), highlighted the urgent need for U.K. authorities to “get a greater grip” on the vulnerability of critical infrastructure.
He told the committee: “What we are seeing is a range of cyber threats from both nation states and cyber criminals, a rising level of threat with more frequent and more complex attacks and more sectors that we can identify as being at risk.
“Last year we saw attacks on CNI (critical national infrastructure) in the health, media, telecoms and energy sectors.
“We have become more aware in the last two years of the potential vulnerability of CNI supply chains as a target for attack.”
The WannaCry attack showed the vulnerability of some computers to even a small-scale breach, like the insertion of an infected memory stick into a single machine, Lidington said.
“It is important we get a greater grip on these supply chains,” he added.
“We have also started to become even more aware than we were two years ago of the capacities of certain state actors and their readiness to use that cyber capability.”
