In light of the war, how credible is the Russian cyber threat to UK companies?
In the same way that covid has not gone away, just because it is no longer headline news, the Russian invasion of Ukraine is still raging in both the physical & cyber world even though it is slowly being demoted in news rankings.
Since the beginning of the invasion, the UK’s National Cyber Security Centre, (NCSC), has urged UK organisations to bolster online defences, with warnings of increased threat levels. This is not surprising since Russia has threatened the UK with action due to its support of Ukraine.
Cyber-attacks against Ukraine’s government and financial sites have been part of President Putin’s assault on the nation. More attacks are anticipated, according to Western intelligence, with Russian cyber operators probably already pre-positioned in Ukrainian IT systems, gathering intelligence, and prepared to start disruptive actions – according to the UK Government.
The fear is rational as several high-profile cyber-attacks have been linked to Russian organisations including the 2021 attack on America’s Colonial Pipeline Company that shut down the largest fuel pipeline in the US for several days, causing the highest fuel prices in years, and a declaration of a state of emergency in 4 US states.
The NCSC claim to be unaware of specific threats but there is a historical trend of cyber strikes against Ukraine with international ramifications. One example of a threat is ‘HermeticWiper,’ a wiper virus employed against Ukrainian organisations which has the potential to impact organisations outside of Ukraine, including the UK.
How valid are these threats and has the war really raised the threat level?
An article published recently by the Straits Times, claims that Russia’s use of cyber capabilities in its onslaught against Ukraine has been significantly less effective than predicted, quoting several European heads of military cyber defence forces. The head of Poland’s NCSC was quoted as saying that they were expecting a ‘Pearl Harbour’ based on experience of Russian behaviour and capabilities. However, Ukraine was prepared and “withstood Russian strikes,”.
Colonel Romualdas Petkevicius, Lithuania’s chief of cybersecurity, stated that Russia is “not ready to wage coordinated cyber and kinetic war.” He told AFP that there are “thousands” of cyber activities in Ukraine. “But I don’t think they are very well planned.”
The commander of France’s cyber defence force, General Didier Tisseyre, made a similar point about a gap between cyber-attacks and Russia’s military offensive on the ground.
“Maybe they didn’t manage to organise it the way they wanted to,” he remarked, and their capacities “are not as strong as we assume.”
Should UK organisations feel safe considering?
I do not want to be the bearer of bad news and keep you up at night. Still, every UK organisation should be continually ‘worried’ about cyber threats and the havoc they reap on organisations, regardless of their cyber maturity level and regardless of any war. The fact that the Russian cyber threat might have been overestimated, is no reason to drop your guard when it comes to cyber defence.
Just because it is not in the headlines does not mean that thousands of UK-based organisations are not attacked daily, at an estimated cost of £3.1 billion from April 2021 to April 2022, according to the National Fraud Intelligence Bureau, (NFIB), while security budgets remained mostly flat so far in 2022 according to CyberEdge.
Comparitech recently published an overview of UK cyber security and cybercrime statistics from the latest reports, and it makes for grim reading.
If your organisation is not budgeting for and planning against cyber-attacks, the outlook is not good, and sleepless nights may be warranted. The cyber threat is constant, and it is imperative that security should be embedded at all levels of an organisation.
It is always a good time to improve security!