NHS a target if Moscow launches cyber blitz
BRITAIN faces a wave of Russian cyberattacks over of its staunch support for Ukraine, ministers have been warned.
Chief of the Defence Staff Admiral Sir Tony Radakin told the Cabinet this week that the UK should be ready for potential cyber offensives from the Kremlin.
Officials fear the NHS, local government and business could be prime targets for Moscow, which has one of the most sophisticated cyber capabilities in the world.
Downing Street declined to comment in detail on Sir Tony’s warning, saying only that he briefed the Cabinet on the Ukraine crisis and ‘its potential impact on the UK’. But two Cabinet sources said his warnings covered the threat of cyber-attacks, the danger of an online disinformation campaign and the potential impact on gas prices and supplies.
Ministers fear the UK could become a target because of Boris Johnson’s role in coordinating international support for Ukraine. Moscow is said to be furious at the British decision to supply Ukraine with defensive weapons systems.
The Kremlin has also warned against introducing tough sanctions against oligarchs linked to Vladimir Putin.
The National Cyber Security Centre has now issued a warning to businesses and institutions to beef up their defences. The agency, which is part of GCHQ, said: ‘UK organisations are being urged to bolster their cyber security resilience.’
Director of operations Paul Chichester said Ukraine itself was already suffering serious cyber-attacks and there were fears that the activity could spread to its allies.
Officials are particularly concerned about the threat to public sector organisations with ageing computer system such as the health service. A Whitehall source said: ‘The problem is that in some organisations people don’t even do the most basic cyberhygiene such as making sure security patches are up to date, introducing twostep authentication and so on.
‘This stuff is important in normal times, but if we do face increased activity from Russia it is going to be absolutely critical.’
Another source said ministers were braced for a potential onslaught of Russian propaganda. ‘There are real concerns about Russian disinformation if an invasion goes ahead,’ the source said.
Just before Christmas, a manager for a small charity in Orkney was puzzled to discover she could not access some of her computer files. Parts of the database were locked, she saw — encrypted by a virus.
then came the real shock. In order to unlock the files belonging to the Dial-a-Bus charity, hackers were demanding £1,000 in an untraceable Bitcoin payment.
the attack was petty, immoral — and all too predictable. (Fortunately for the disabled people who relied on this service in the remote scottish islands, all their bookings could be found on a second computer.)
the incident, one of hundreds of ransom attacks around the world that month alone, revealed how common this kind of crime has become. this is piracy in the digital age. And today, with relations between Russia and the West on the brink of disintegration, cyber crime — already a serious problem — could cause far more widespread disruption across the uK in the weeks and months ahead.
On tuesday, the Prime Minister warned Moscow that Britain will impose sanctions ‘the moment the first Russian toe-cap crosses into ukraine’.
And here and in America, there are already warnings of ‘blowback’, including cyber-attacks, if Britain and its allies stand with Kiev against Russian incursion.
Russia is already one of the world’s most notorious centres of cyber-attacks. these criminals are not under the direct control of the Kremlin, but Vladimir Putin certainly tolerates their operations as long as they spare Russian businesses and interests.
Let me be clear: this is not the work of a lone hacker in a bedroom. It requires expensive equipment, the latest software and an army of operatives.
And if relations between Britain and Russia deteriorate further, experts warn further attacks could be unleashed against us.
sensational commentators have conjured apocalyptic scenarios, with Russian hackers shutting down our banks or causing airliners to spiral out of the sky.
save that for Hollywood. British banks have excellent safeguards against hacking, and even if our whole air-traffic control system suffered a black-out, pilots could still land every plane safely.
Putin is very unlikely to contemplate such attacks in any case, just as he would not order the shutdown of Britain’s national electricity grid — the way he twice sought to shut down power in parts of Kiev during the bitter winters of 2015 and 2016.
such massive, blatant retaliation by Russia to swingeing sanctions is unlikely: applying it against any Nato country would risk serious escalation.
Nevertheless, Putin will not accept sanctions without spiteful retribution. He will seek to make us pay a price, and both British and American security agencies have issued stark warnings to put computer-network managers on higher alert.
there are two key risks to our national security from Russian activity, both of which can occur without overt control by the Kremlin.
the first is ‘contagion’. During the six years I was in charge of Britain’s cyber security, the worst two incidents took place within six weeks of each other.
First, North Korea launched a thieving raid on international financial institutions. In May 2017, computer viruses were unleashed. they were not aimed
at the uK, but they spread here — just as a physical virus did in early 2020.
the North Korean computer virus badly corrupted data stored in NHs systems, causing significant damage.
then, six weeks later, Russia launched a cyber-assault on ukraine, the so-called ‘NotPetya’ malware attack. this affected
businesses worldwide: $250 million was knocked off the value of the shipping giant Maersk, which was forced to resort to WhatsApp to maintain communications with some of its vessels.
the chaos affected firms ranging from a major advertising agency in London to a chocolate factory in tasmania. the total damage around the world was estimated at $10billion — all of it accidental ‘overspill’ from the attack on ukraine.
Ransomware is the second danger we face from Russia and its army of hackers. until last year, this was the sort of problem that many people read about but few suffered unless they happened to run major corporations — or even a small transport charity in Orkney.
Most ransomware attacks don’t make the headlines, because company bosses quietly pay up. they purchase a digital ‘key’, perhaps costing millions in a cryptocurrency such as Bitcoin, to deencrypt their data. then they set about implementing safeguards so any future attack is unsuccessful.
Last year, these ransomware attacks became far more widespread. several British local authorities were carefully targeted, including Redcar and Cleveland, where essential local services were disrupted. In London, the Harris Federation of academies and schools was also affected.
And Britain was not the only country put at serious risk. In Rome, a catastrophic attack threw Covid vaccination bookings into chaos. And in the eastern united states, a pipeline controlling nearly half the gas supply was shut down. President Joe Biden’s administration had to issue emergency guidance to put a halt to panic-buying and fuel-hoarding. People were reportedly filling up plastic carrier bags with petrol.
Closer to home, in Ireland last May the Health services Executive — the commissioning system for all the Republic’s hospitals — was held to ransom. thousands of operations had to be cancelled and expectant mothers found it impossible to get any appointment, including scans, unless they were over 36 weeks pregnant.
Hackers were said to be demanding three Bitcoins for their payoff, worth roughly £100,000 at the time — though some rumours put the ransom at about £18 million.
these are exactly the sort of attacks we could expect to see more of if the situation in ukraine deteriorates.
In Russia, some hackers flaunt
This is digital piracy ... and it could spread
Gangsters extort millions from victims
the proceeds of these despicable crimes. One of the most notorious, 34-year-old playboy Maksim Yakubets, has been seen in Moscow driving a garish green Lamborghini with a personalised numberplate that read ‘tHIEF’.
Yakubets has posted videos of his pet lions and tigers and bragged about his attacks on u.s. firms with his cyber outfit, Evil Corp.
Last July, Evil Corp demanded $10 million from satnav manufacturer Garmin after unleashing a virus so effective that even the firm’s webpage was disabled.
A BBC journalist tried to track Yakubets down in November, visiting his father for an interview. If a British reporter can do that, the Russian security police certainly could — should they choose to.
In response to pressure from Washington DC, Putin has made a few theatrical arrests. But these are merely for show. His real intention is to remind the West that Russia can allow hacking to flourish if it chooses to.
that way, he reasons, we will understand that he can indirectly cause constant disruption, while pretending that his government is not complicit in it.
Britain needs to be prepared. Our government is already doing a great deal to make us less vulnerable. An economy as large as ours will always have weak spots, but every business must be made aware of how to guard against contagion and malware.
the most important precautions are to install the latest security upgrades and to maintain backups in case a network goes down.
In the digital era, every business is at risk from pirates. And any future war in ukraine will likely only galvanise Russia’s pirates to attack us.
Ciaran Martin is a professor at the Blavatnik School of Government in Oxford and an adviser to Paladin Capital.