Russian hackers have reportedly tried to break into the U.K.’s network infrastructure in reconnaissance forays -- possibly to set up large scale attacks, a spy official said.
Ciaran Martin (pictured above), head of the National Cyber Security Center, told the U.K.’s Evening Standard that Russian bad actors had climbed inside the U.K’s network systems perhaps to spy or as part of a broader plan to attack the country’s critical national infrastructure.
Martin didn’t eliminate the possibility that other adversaries may also have examined the U.K.’s infrastructure networks. “One of the things that we need to worry about is the fact that Russia and other hostile states have put down landing points on networks from which they could build out,” he said. “They can use them for spying... but they can also use them as the potential foundation for future destructive attack.”
The warning bore similarities to a campaign Russian hackers conducted in the U.S. last March, in which cyber actors gained access to small commercial facilities’ networks, installed malware, conducted spear fishing campaigns and made their way inside critical infrastructure networks. The attackers could have shut down or crippled nuclear power plants and systems controlling water, electricity, aviation and commercial manufacturing but didn’t, leading officials to suspect it was a fact gathering mission to collect information on industrial control systems.
Two months later, U.S. intelligence revealed that another similar attack last year was larger than first thought, involving hundreds of U.S. utilities rather than the the few dozen earlier believed.
Setting the Stage...
As in the U.S., U.K. intelligence officials think the hack was a first step for Russian operatives to learn about the country’s critical infrastructure and to see if unauthorized access could be gained. Launching a cyber attack, however, is another level of effort, Martin said.
“If you are going to launch a destructive attack, you need an entry point, a landing point on that network, and you start and build from there and it takes time,” said Martin. “If you want to do the most destructive type of cyber attack...unless you are very lucky...it will take time to build knowledge of the network, it will take time to gain the requisite accesses to be able to do the damage that an adversary would be seeking to do.”
Meanwhile, U.K. Cabinet minister David Lidington said all public sector infrastructure will be tested in simulations under a new program. “It uses cutting-edge intelligence to determine the objectives of our cyber attackers, their priorities for attack, and the techniques and vulnerabilities they may attempt to exploit,” he said.