mhill
UK Editor

UK NCSC warns of irresponsible use of commercial hacking tools, hackers for hire

News
Apr 20, 2023 | 3 mins
Advanced Persistent Threats, Hacking, Surveillance

Proliferation of intrusive cyber tools and services is lowering the barrier to entry for state and non-state actors, transforming the threats organisations and individuals face.

The evolving market for commercial hacking tools and services will pose a growing threat to organisations and individuals over the next five years, the UK National Cyber Security Centre (NCSC) has warned. A new threat assessment, published during the CyberUK conference in Belfast, highlighted how the proliferation of cyber tools and services is lowering the barrier to entry for state and non-state actors, transforming the threats organisations and individuals face. This is likely to lead to more victims of cyberattacks and a more unpredictable threat landscape.

Demand for spyware, hackers-for-hire, cyber capabilities expected to grow

The NCSC report states that, over the past decade, more than 80 countries have purchased cyber intrusion software, with some states almost certainly having irresponsibly used this to target journalists, human rights activists, political dissidents, opponents, and foreign government officials.

Demand for spyware, hackers-for-hire, and access to other cyber capabilities is expected to grow globally, which will almost certainly lead to an increased threat to a wide range of industries. Meanwhile, commercial capability development is likely to diversify to meet demand, and a growing hackers-for-hire marketplace increases the risk of unpredictable targeting or unintentional escalation, the report read.

Key judgements from the report include:

  • The sophistication of some commercial intrusion cyber products and services rivals the equivalent capabilities of some state-linked advanced persistent threat (APT) groups.
  • Commercial hackers-for-hire pose a potential corporate espionage threat against organisations and individuals with privileged or valuable confidential information across multiple sectors. They could also offer significant financial rewards to incentivize state employees or contractors to become hackers-for-hire.
  • The proliferation of commercial cyber capability will result in an expanding number of elements for cyber defense to detect and mitigate, and a similarly expanding number and type of victims.

International collaboration needed to tackle proliferation of commercial intrusion sector

Collaborative, international oversight across the commercial intrusion sector is key to tackling the threat of proliferation, the report stated, although a lack of consensus could hinder efforts. Last month, it was announced that the UK has committed to a number of initiatives to reaffirm its support for a free, open, peaceful, and secure cyberspace, including efforts with 10 other countries to counter the proliferation and misuse of commercial spyware. International consensus and norms on the development and sale of commercial cyber capabilities are likely to encourage commercial providers to vet and limit their customer bases, the report said.

“The proliferation of cyber tools and services will have a profound impact on the threat landscape, as more state and non-state actors obtain capabilities and intelligence not previously available to them,” commented Jonathon Ellison, NCSC director of resilience and future tech. “To maintain safety in cyberspace it is crucial these capabilities are managed with a responsible, proportionate, and legally sound approach and working with international partners, the UK is determined to address this rising challenge.”

In July 2022, the US House Intelligence Committee held a rare open public hearing to discuss the proliferating and increasingly troublesome threats from foreign spyware.

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.