Newly detected state-aligned groups are often sympathetic to Russia’s invasion of Ukraine and are ideologically, rather than financially, motivated. Credit: REDPIXEL.PL/Shutterstock The UK National Cyber Security Centre (NCSC) has issued an alert to critical national infrastructure (CNI) organisations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia’s invasion of Ukraine. The alert states that newly emerged groups could launch “destructive and disruptive attacks” with less predictable consequences than those of traditional cybercriminals, with CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened.The alert was issued on the first day of the NCSC’s CYBERUK conference in Belfast, where experts have gathered to consider topics under the theme of securing an open and resilient digital future. It also comes in the same week as new research that revealed the cost-of -living crisis could trigger a surge in cyberattacks and security issues impacting the UK’s CNI sector.New class of Russian cyber adversary ideologically, rather than financially motivatedOver the past 18 months, a new class of Russian cyber adversary has emerged, the NCSC wrote. These state-aligned groups are often sympathetic to Russia’s invasion and are ideologically, rather than financially, motivated. “Although these groups can align to Russia’s perceived interests, they are often not subject to formal state control, and so their actions are less constrained and their targeting broader than traditional cybercrime actors. This makes them less predictable,” the NCSC said.While activity of these groups often focuses on DDoS attacks, website defacements, or the spread of misinformation, some have stated a desire to achieve a more disruptive and destructive impact against western CNI, including in the UK, according to the NCSC. “We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected.” The threat actors may also become more effective over time, so businesses must act now to manage the risk against successful future attacks, the NCSC said. CNI organisations urged to take sensible, proportionate steps to protect themselves“It has become clear that certain state-aligned groups have the intent to cause damage to CNI organisations, and it is important that the sector is aware of this,” said Dr. Marsha Quallo-Wright, NCSC deputy director for CNI. “In the wake of this emerging threat, our message to CNI sectors is to take sensible, proportionate steps now to protect themselves.The NCSC recommends that organisations implement measures described in actions to take when the cyberthreat is heightened, particularly the NCSC advice on secure system administration. Larger organisations could benefit from using the Cyber Assessment Framework (CAF) to help them identify areas for improvement. As if the security risks posed to UK CNI aren’t already significant enough, a new report has revealed the potential CNI security implications of economic hardship including insider threats, social engineering attacks, and reduced cyber budgets. The Cyber Security in Critical National Infrastructure Organisations: 2023 report found that over a third (34%) of organisations across UK CNI anticipate a rise in cybercrime as a direct result of the current economic crisis, with almost two-thirds (65%) of respondents having seen some reduction or a significant reduction in their organisation’s cybersecurity budget this year. Related content brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security news Teachers urged to enter schoolgirls into UK’s flagship cybersecurity contest CyberFirst Girls aims to introduce girls to cybersecurity, increase diversity, and address the much-maligned skills shortage in the sector. By Michael Hill Sep 26, 2023 4 mins Back to School Education Industry IT Training news CREST, IASME to deliver UK NCSC’s Cyber Incident Exercising scheme CIE scheme aims to help organisations find quality service providers that can advise and support them in practising cyber incident response plans. By Michael Hill Sep 26, 2023 3 mins IT Governance Frameworks Incident Response Data and Information Security news Baffle releases encryption solution to secure data for generative AI Solution uses the advanced encryption standard algorithm to encrypt sensitive data throughout the generative AI pipeline. By Michael Hill Sep 26, 2023 3 mins Encryption Generative AI Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe