Newly detected state-aligned groups are often sympathetic to Russia’s invasion of Ukraine and are ideologically, rather than financially, motivated. Credit: REDPIXEL.PL/Shutterstock The UK National Cyber Security Centre (NCSC) has issued an alert to critical national infrastructure (CNI) organisations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia’s invasion of Ukraine. The alert states that newly emerged groups could launch “destructive and disruptive attacks” with less predictable consequences than those of traditional cybercriminals, with CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened.The alert was issued on the first day of the NCSC’s CYBERUK conference in Belfast, where experts have gathered to consider topics under the theme of securing an open and resilient digital future. It also comes in the same week as new research that revealed the cost-of -living crisis could trigger a surge in cyberattacks and security issues impacting the UK’s CNI sector.New class of Russian cyber adversary ideologically, rather than financially motivatedOver the past 18 months, a new class of Russian cyber adversary has emerged, the NCSC wrote. These state-aligned groups are often sympathetic to Russia’s invasion and are ideologically, rather than financially, motivated. “Although these groups can align to Russia’s perceived interests, they are often not subject to formal state control, and so their actions are less constrained and their targeting broader than traditional cybercrime actors. This makes them less predictable,” the NCSC said.While activity of these groups often focuses on DDoS attacks, website defacements, or the spread of misinformation, some have stated a desire to achieve a more disruptive and destructive impact against western CNI, including in the UK, according to the NCSC. “We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected.” The threat actors may also become more effective over time, so businesses must act now to manage the risk against successful future attacks, the NCSC said. CNI organisations urged to take sensible, proportionate steps to protect themselves“It has become clear that certain state-aligned groups have the intent to cause damage to CNI organisations, and it is important that the sector is aware of this,” said Dr. Marsha Quallo-Wright, NCSC deputy director for CNI. “In the wake of this emerging threat, our message to CNI sectors is to take sensible, proportionate steps now to protect themselves.The NCSC recommends that organisations implement measures described in actions to take when the cyberthreat is heightened, particularly the NCSC advice on secure system administration. Larger organisations could benefit from using the Cyber Assessment Framework (CAF) to help them identify areas for improvement. As if the security risks posed to UK CNI aren’t already significant enough, a new report has revealed the potential CNI security implications of economic hardship including insider threats, social engineering attacks, and reduced cyber budgets. The Cyber Security in Critical National Infrastructure Organisations: 2023 report found that over a third (34%) of organisations across UK CNI anticipate a rise in cybercrime as a direct result of the current economic crisis, with almost two-thirds (65%) of respondents having seen some reduction or a significant reduction in their organisation’s cybersecurity budget this year. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe