The U.K.’s National Cyber Security Centre (NCSC) has today issued an alert to critical national infrastructure (CNI) organizations warning of an emerging threat from state-aligned groups.
The NCSC warned in the alert that some groups have stated an intent to launch ‘destructive and disruptive attacks’ and that CNI organizations should ensure they have taken steps outlined in the NCSC’s heightened threat guidance to strengthen their defenses.
The threat comes particularly from state-aligned groups sympathetic to Russia’s invasion of Ukraine, the alert said, and has emerged over the past 18 months.
These groups are not motivated by financial gain, nor subject to control by the state, and so their actions can be less predictable and their targeting broader than traditional cyber crime actors.
While in the short term any activity from the groups is likely to take the form of Distributed Denial of Service (DDoS) attacks, website defacements or the spread of misinformation, some groups have stated a desire to achieve a more destructive impact against western infrastructure, the alert said.
The alert was issued on the first day of the NCSC’s CYBERUK conference in Belfast, where experts have gathered to consider topics under the theme of ‘securing an open and resilient digital future.’
Dr Marsha Quallo-Wright, NCSC Deputy Director for Critical National Infrastructure, said:
“It has become clear that certain state-aligned groups have the intent to cause damage to CNI organizations, and it is important that the sector is aware of this.
“In the wake of this emerging threat, our message to CNI sectors is to take sensible, proportionate steps now to protect themselves.
“The NCSC has produced advice for organizations on steps to take when the cyber threat is heightened, and I would strongly encourage all CNI organizations to follow this now.”
The NCSC’s heightened threat guidance was published shortly before Russia’s invasion of Ukraine last year, and organizations are encouraged to continue to follow it.
Cyber resilience in the context of Russia’s invasion of Ukraine will feature in a session on day two of CYBERUK entitled The Three Rs of Cyber Security: Russia, Ransomware and Resilience.
