Warning on emerging threat to CNI from state-aligned groups with intent to launch destructive attacks
Today we have released a warning about the emerging threat to Critical National Infrastructure (CNI) from state-aligned groups that have the intent to launch “destructive and disruptive attacks”.
On the first day of #CYBERUK23, we're urging CNI to take steps now to bolster their defences. The threat comes particularly from state-aligned groups sympathetic to Russia’s invasion.
These groups are not motivated by financial gain, nor subject to control by the state, and so their actions can be less predictable & targeting broader than traditional cybercrime actors.
Activity from these groups is likely to take the form of Distributed Denial of Service (DDoS) attacks, website defacements or the spread of misinformation. Some groups have stated a desire to achieve a more destructive impact against western infrastructure.
Dr Marsha Quallo-Wright, NCSC Deputy Director for Critical National Infrastructure, said:
"Our message to CNI sector is not to panic but to take sensible, proportionate steps now to protect themselves. Follow our advice for organisations on steps to take when the cyber threat is heightened.”
The NCSC’s heightened threat guidance was published shortly before Russia’s invasion of Ukraine last year and those in the CNI sector are urged to read it.
Information & Cyber Security Advisor at Great Ormond Street Hospital for Children NHS Foundation Trust
1yI echo other comments. It isn’t just CNI, it’s their supply chain & all businesses & organisations aligned to UK, US & NATO goals. It’s the new Cold War by proxy. Whilst it isn’t directly financially motivated it is designed to cause maximum disruption & financial pain. One could argue it mimics & far exceeds any financial sanction. We need better information sharing, more transparency on breaches/attack methodologies & issues, more investment on implementing & improving basic cyber defences. We also need strong policing & auditing of software houses.
Systems Engineer & Python Developer | Specializing in Linux, Hypervisors, and High-Performance Computing
1yI'm not even reading anything about government sponsored IT security.. The whole Idea is silly, and can quickly be used against industry.
Digital Identity Crusader, Inventor, Entrepreneur, University Lecturer & 🌮❤️er
1yNeutralize all their credential phishing & password-based attacks with a Passwordless phish-proof MFA solution. Deploy it in 15 mins across the entire business of thousands. Ask Bell Integration - Driving Digital Transformation. Mark Nicholas and Alex Christophe timing is everything. 💪🏽
--
1yColin Adan BSc(Hons) MBA PMP