It’s being reported that the National Cyber Security Centre has exposed a campaign by the GRU (Russian Military Service) of ‘reckless and indiscriminate’ cyberattacks on the UK targeting business, media, politics and sport. IT security experts commented below.
Ross Rustici, Senior Director, Intelligence Services at Cybereason:
“This coordinated rehashing of hacks that have previously been attributed to Russia is nothing more than a political stunt to make it appear to certain domestic constituencies that governments are taking the Russian cyber threat seriously. The NCSC report is akin to a sports team’s game tape. Here are all the plays Russia has run in the last two years that they have been successful with. The problem is, there is no indication that the collective US/UK governments have evolved their defenses faster than the Russians have changed their hacking methodology. Perhaps the Dutch incident will be seen as a turning point, where brazen Russian operations stop being successful. It might be a shot across the Kremlin’s bow to force them into a more covert operating stance. But overall, it is unlikely that Russia will change its operations because, fundamentally, they have been resoundingly successful.
Additionally, the UK’s attempt to cast Russia as a malign international actor falls into the category of too little too late. There are no norms when it comes to acceptable use of cyber capabilities. Each country has its own definition of what it will tolerate and what it wont. Currently, there has never been an instance of hacking that has gone above a covert action threshold. The United States and its allies failed to create a consensus around the acceptable use of cyber capabilities by countries, in part because they wanted to preserve their own freedom of action in this space. Now, it is too late to put the genie back in the bottle and we all must suffer the consequences of an unrestrained cyber capability.”
Patrick Hunter, EMEA Director at One Identity:
“Whilst it has been long suspected that the Russian GRU has been responsible for a number of global cyber-attacks, today has seen the NCSC confirm this.This is a step in the right direction in taking control of the situation. The term “reckless” used by the UK agency, doesn’t begin to describe the damage that has been done to both industry and the confidence of the citizens affected. The statement is clear that the UK and allies will stand firm together against these types of criminal activity and this is key. Globally, we’ve had enough.
The NCSC has been a huge investment by the UK government and their work has already seen a massive improvement in our defences. From education to implementation of good practice in every vertical and walk-of-life. So, the statement has been made and what comes next is crucial to getting the upper hand on these types of political/criminal organisations. The UK government and its allies have to be seen to do something, not just continue to talk. The fact that we’ve seen this statement today leads me to believe we’re going to see some results in the near future. We have to believe this, and we have to continue to educate our staff and citizens on how to protect themselves from the basic forms of attack. Keep desktops patched, keep the firewalls and anti-virus software up to date, keep our privileged passwords locked away and use multi-factor authentication where ever possible. We all have our role to play in these battles so let’s play that part well and be a part of the solution.”