Attacks are a key policy for Putin, says expert
CYBER-ATTACK CAPABILITY is a government policy for Vladimir Putin’s Russia, the head of the UK cyber-security agency has said.
Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), said the UK’s infrastructure is hit “frequently” by Russian attackers and online warfare is part of its “armoury of statecraft”.
And he said defensive and offensive cyber-capability was increasingly an integral part of any modern state, describing cyberwarfare as a “very traditional threat to national security” but in a “very modern way”.
At a press briefing at CYBERUK18, a cyber-security conference hosted by the NCSC in Manchester, Mr Martin said: “Cyber-attack capabilities are an integral part of Russia’s national policy, of its way of asserting itself in the world and asserting its interests in the world.
“And that’s been true for quite a long time; I’ve mentioned tracking some of these groups for 20 years.
“So we can expect Russia to pursue its interests through cyber means where it suits them.”
But some attacks come through proxies and criminal gangs and “blurred lines” mean it is difficult to pinpoint when attacks are Kremlin-directed or state-sponsored and what the motive is, reporters were told.
Mr Martin said: “In cyberspace it is possible to operate entirely from jurisdictions that we don’t have law enforcement arrangements with and for the most part in cyber-crime that will include Russia.”
He said after two decades looking at Russian cyber-attacks they had noticed “some common personnel” and “an interchange between parts of the Russian cyberattack framework that we believe to be state-sponsored and those that we believe to be criminal”.
Paul Chichester, director of operations at NCSC, said getting concrete evidence and complete knowledge of perpetrator and motive was difficult.
Mr Chichester said: “We do see links between the crime and the state and it is a concern.”