NCSC: Major cyberattack could hit UK soon
October 18, 2018 | Expert Insights
The National Cyber Security Centre (NCSC) has warned that a major life-threatening cyberattack on the UK will take place in the near future. In its second annual review, the agency revealed it has handled more than 10 attacks a week, most of which trace back to hostile nations.
Background
The National Cyber Security Centre is a specialized information security arm of the UK’s spy agency Government Communications Headquarters (GCHQ). Formed in 2016, the organization is dedicated to “understanding the cybersecurity environment, sharing knowledge and using that expertise to identify and address systematic vulnerabilities.” It is responsible for responding to cybersecurity incidents that threaten the UK and improving its national cybersecurity capabilities and defences.
Its formation came as part of a sustained effort by the UK government to address the uptick in cyber threats and attacks targeting the UK, its infrastructure and the general public.
The NCSC headquarters was officially opened in Victoria, London, in February 2017 amid concerns raised by European counterparts, such as France and Germany, about the possibility of interference in upcoming elections at the time. Intelligence officials warned of an identifiable trend in Russian attacks in the West that threaten critical infrastructure and democratic processes following cyberattacks targeting the 2016 US presidential election.
Analysis
The NCSC said it has defended the UK against multiple attacks since 2016, but warned that a major cyberattack that threatens loss of life and other serious consequences is imminent. In its second annual review, the NCSC said it has dealt more than 10 attacks a week in the last two years.
Since 2016, the agency said it has handled 1,167 cyber incidents – 557 of which took place in the past 12 months. Most of these attacks are believed to be the work of hostile governments or state-sponsored hacker groups, the report said.
“They were undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries,” Ciaran Martin, CEO of the NCSC, wrote in the report. “These groups constitute the most acute and direct cyber threat to our national security. I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead, what we would call a Category 1 attack.”
According to the NCSC, a Category 1 attack is a “national cyber emergency” that causes “disruption of UK essential services or affects UK national security, leading to severe economic or social consequences or to loss of life.”
The Wannacry ransomware attack in 2017 – deemed to be the most prominent cyberattack in recent years – infected hundreds of thousands of computers across 150 countries and severely disrupted services worldwide. The crippling attack cost the UK’s NHS a total of £92 million - including £72m for IT support.
The WannaCry attack was classified as a category two attack which is defined as having a “serious impact on a large portion of the population, economy or government.”
“Although there have been several very significant incidents, thus far, the UK has avoided a Category 1 – most of our foremost international partners have not,” the report reads. “But even if this continues, we must be alert to the constant threat from countries who will attack critically important national networks to steal information for strategic or commercial reasons, and give themselves a starting point – ‘prepositioning’ – for a significant attack in the future.”
The report comes after the NCSC recently accused Russia’s military intelligence service, the GRU, of waging a campaign of “indiscriminate and reckless” cyber attacks targeting institutions across politics, businesses, media and sport.
However, the NCSC has noted that attacks targeting the UK come from “a range of states, as well as non-state sources.” Martin wrote: “There is much, much more to the cybersecurity threat to the UK than just Russia.”
The NCSC previously attributed the WannaCry ransomware attack to Lazarus Group – an elite hacker group linked to the North Korean government. In 2017, the Ministry of Defence warned of Chinese espionage group APT10 targeting IT suppliers to acquire sensitive military and intelligence data.
Assessment
Our assessment is that the NCSC’s announcement highlights the organization’s necessary role in protecting UK interests, critical infrastructure and defending against detrimental cyberattacks. We also believe it serves as a clear indicator of the rapid expansion, scale and sophistication of cyber attacks in recent years that target not only the UK but other nations as well. We believe global lawmakers and authorities must acknowledge and ensure cybersecurity becomes an indispensable part of national security strategies to detect, prepare for and avoid a potentially devastating Category 1 attack.
Read more:
Comments