Hackers allied with Russia are targeting Britain’s critical infrastructure (Kritis), the National Cyber Security Center (NCSC) warns. The cybercriminals are “not financially, but ideologically” motivated. Companies from Great Britain could also be targeted. This is what Oliver Dowden, Chancellor of the Duchy of Lancaster, is due to speak at the NCSC’s CYBERUK conference in Belfast on Wednesday. His prepared statements are available to media such as Bloomberg and the Guardian.
Similarities with paramilitary Wagner group
According to warnings from the British NCSC, this is a “new class of Russian cybercriminals”. While past activity has focused on DDoS attacks, spreading fake news and disrupting websites – like NATO’s in February – some of the groups have expressed a desire to do more damage to Western infrastructure.
The pro-Russian hackers are reportedly organized along similar lines to the Russian paramilitary Wagner group and have turned their attention to the UK in recent months.
The NCSC reports “destructive and disruptive attacks.” Organizations should prepare for an increased threat. The come from “state-oriented groups that sympathized with the Russian invasion of Ukraine”. Possible actions are hardly predictable, since the “Wagner cyber troop” is not subject to the control of a state.
According to Dowden, potential targets include companies “responsible for keeping our country running,” according to the Bloomberg report. According to the prepared remarks, Dowden will announce that national critical infrastructure operators – responsible for defense, health, energy and finance – will meet certain cybersecurity targets by 2025.
Aggressive US cybersecurity strategy – Germany on the defensive
The US government announced its new cybersecurity strategy in early March. For example, it wants to shift the responsibility for defending cyberspace away from individuals, small businesses and local governments to the organizations that are better able to do it. In Germany, people want to remain on the defensive when it comes to cyber security – they want to get the ball rolling, but not throw it.
Earlier this year, British postal and logistics service provider Royal Mail was the victim of a cyber attack. It took more than 4 weeks for the systems and international shipping to be restored.