Russia-Linked Hackers Target UK Infrastructure with Disruptive Attacks

UK Cabinet Office Minister Oliver Dowden has warned that hackers aligned with Russia are seeking to disrupt or destroy Britain’s critical infrastructure.

Speaking at the CyberUK conference in Belfast, Dowden announced a package of measures to support businesses “on the front line of our cyber defences.” He described the threat actors as “Wagner-like,” invoking the name of Russian mercenaries involved in the conflict in Ukraine.

The National Cyber Security Centre (NCSC) has issued an official threat alert to organisations that operate critical services, urging them to “act now” to protect themselves against an escalating cyber threat.

According to the NCSC, these hacking groups are often ideologically sympathetic to Russia’s invasion of Ukraine. The alert warns they are “less predictable” because many operate without formal state control, increasing the risk that they will pursue more disruptive or destructive actions.

The NCSC noted that some groups have signalled an intention to target Western critical national infrastructure, including systems in the UK, and that they will seek opportunities to cause significant disruption—particularly where systems are inadequately protected.

Dowden said the government will set cyber resilience targets for critical sectors to meet within two years and plans to bring private-sector companies that manage critical infrastructure into the scope of resilience regulations.

“These are the companies in charge of keeping our country running. Of keeping the lights on. Our shared prosperity depends on them taking their security seriously,” Dowden said.

The warning serves as a reminder of the continued risk posed by state-aligned and ideologically motivated hacking groups and their capacity to inflict widespread disruption. While the UK government is taking action, responsibility also falls on businesses and organisations to ensure their cyber defences are robust.

Gavin Millard, Deputy CTO at cybersecurity firm Tenable, commented:

“Threats from state-based actors against critical infrastructure aren’t new and, as we’ve seen from multiple statements from the US, remain a constant concern. With ageing infrastructure and a vast attack surface that can include known vulnerabilities, it’s vital to understand which weaknesses threat actors target and to remediate them quickly. A successful cyber attack against critical assets can have wide-reaching impacts on the population and the economy.”

“Attacks such as those against JBS Foods and the Colonial Pipeline exploited services like Remote Desktop Protocol (RDP) and exposed Virtual Private Networks (VPNs) to gain initial access. Once attackers establish a foothold, escalating privileges and distributing malicious code becomes alarmingly straightforward.”

“To prevent such incidents, organisations must take a proactive approach to identify and address these exposures before they are exploited.”

With cyberattacks rising in both frequency and complexity, it is imperative that all critical infrastructure sectors take concrete steps to protect themselves and reduce the risk of severe incidents.

Locked Shields 2023

The NCSC’s threat alert coincided with the start of Locked Shields 2023.

Locked Shields, organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), is the world’s largest live-fire cyber defence exercise.

“No other cyber defence exercise can offer as specialised and detailed an experience as Locked Shields. Twenty-four Blue Teams from around the world must keep critical infrastructure and IT systems running under pressure,” said CCDCOE director Mart Noorma.

“Teams demonstrate their ability to maintain services under real-life conditions and high stress.”

Locked Shields attracts over 3,000 participants from 38 nations, including countries that are not full NATO members.

“Technical specialists cannot manage a cyber crisis alone. Decision-makers and experts from different governmental bodies and sectors must work together to repel attacks,” Noorma added.

“That is why, alongside cyber defence, Locked Shields concentrates on strategy, legal issues, and crisis communication. Cooperation must be fast, because a major cyber attack can quickly escalate into a broader security crisis; exercises like this improve preparedness.”

