UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure. Credit: Ed Brambley / Gerd Altmann The head of the UK National Cyber Security Centre (NCSC) Lindy Cameron has given an update on Russia’s cyber activity amid its war with Ukraine. Her speech at Chatham House today comes just a few days after Ukraine’s military intelligence agency issued a warning that Russia was “preparing massive cyberattacks on the critical infrastructure of Ukraine and its allies.” This coincides with a new Forrester report that reveals the extent to which the cyber impact of the Russia-Ukraine conflict has expanded beyond the conflict zone with malware attacks propagating into European entities.UK NCSC CEO urges UK businesses to prepare for elevated alertAddressing Russian cyber activity this year, Cameron stated that, while we have not seen the “cyber-Armageddon” some predicted, there has been a “very significant conflict in cyberspace – probably the most sustained and intensive cyber campaign on record – with the Russian State launching a series of major cyberattacks in support of their illegal invasion in February.”Russian cyber forces from their intelligence and military branches have been busy launching a huge number of attacks in support of immediate military objectives. Their actions suggest a clear rationale to reduce the Ukrainian government’s ability to communicate with its population, impact the Ukrainian financial system at a time of heightened concern, and divert Ukrainian cybersecurity resource from their other priorities, Cameron added. “One specific observation is that Russia has favored wiper malware. Much like ransomware, this encrypts a device, making its data inaccessible. But, unlike ransomware, the effect is not designed to be undone. Thus, the infected device is rendered useless,” she continued.Since the start of the year, the NCSC has been advising UK organizations to take a more proactive approach to cybersecurity in light of the situation in Ukraine. “There may be organizations that are beginning to think ‘is this still necessary?’ as in the UK we haven’t experienced a major incident related to the war in Ukraine. My answer is an emphatic yes,” Cameron said. In response to significant recent battlefield set-backs, Putin has been reacting in unpredictable ways, and so we shouldn’t assume that just because the conflict has played out in one way to date, it will continue to go the same way, Cameron added. “There is still a real possibility that Russia could change its approach in the cyber domain and take more risks – which could cause more significant impacts in the UK.” UK organizations and their network defenders should therefore be prepared for this period of elevated alert with a focus on building long-term resilience, which is a “marathon not a sprint,” she said.Ukraine warns allies of “massive” Russian cyberattacksIn an article published on September 26, Ukrainian intelligence agencies stated that the Kremlin is planning to carry out massive cyberattacks on the critical infrastructure facilities of Ukrainian enterprises and critical infrastructure institutions of Ukraine’s allies. “First of all, the blow will be directed to the enterprises of the energy industry. During the operations, the experience of cyberattacks on the energy systems of Ukraine in 2015 and 2016 will be used,” the warning read. “By this, the enemy will try to enhance the effect of missile strikes on power supply facilities, primarily in the eastern and southern regions of Ukraine. The command of the occupiers is convinced that this will lead to a slowdown in the offensive actions of the Ukrainian Defense Forces.” According to the warning, the Kremlin also intends to increase the intensity of DDoS attacks on the critical infrastructure of Ukraine’s closest allies, especially Poland and the Baltic states.Cyber impact of Russia-Ukraine war expanding beyond the conflict zoneA new report from Forrester has revealed the extent to which the cyber impact of the Russia-Ukraine conflict has expanded beyond the conflict zone. In European Cybersecurity Threats, 2022, Forrester experts stated that destructive Russian malware attacks are propagating into European entities, who should stay prepared for cyber retaliation and an escalation of espionage campaigns.“Russian hackers use advanced persistent threats (APTs) and sensitive data infiltration to gain advantage. About a quarter of total investigated intrusion attacks were identified as successful, and Russian adversaries exfiltrated strategic information, but this number might be underestimating the Russian threat,” the report read. Related content news New Trojan ZenRAT masquerades as Bitwarden password manager A report by Proofpoint identifies the new Trojan as undocumented and possessing information-stealing capabilities. By Lucian Constantin Sep 28, 2023 4 mins Cyberattacks Cyberattacks Cyberattacks news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Data and Information Security Security Practices news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe