Alert issued warns of the emerging threat from state-aligned groups and the different forms of activity.
- New alert from NCSC highlights risk to CNI from state-aligned groups – particularly those sympathetic to Russia’s invasion of Ukraine
- Groups could launch ‘destructive and disruptive attacks’ with less predictable consequences than those of traditional cyber criminals
- CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened
The National Cyber Security Centre has today (Wednesday) issued an alert to critical national infrastructure (CNI) organisations warning of an emerging threat from state-aligned groups.
The NCSC – a part of GCHQ – warned in the alert that some groups have stated an intent to launch ‘destructive and disruptive attacks’ and that CNI organisations should ensure they have taken steps outlined in the NCSC’s heightened threat guidance to strengthen their defences.
The threat comes particularly from state-aligned groups sympathetic to Russia’s invasion of Ukraine, the alert said, and has emerged over the past 18 months.
These groups are not motivated by financial gain, nor subject to control by the state, and so their actions can be less predictable and their targeting broader than traditional cyber crime actors.
While in the short term any activity from the groups is likely to take the form of Distributed Denial of Service (DDoS) attacks, website defacements or the spread of misinformation, some groups have stated a desire to achieve a more destructive impact against western infrastructure, the alert said.
The alert was issued on the first day of the NCSC’s CYBERUK conference in Belfast, where experts have gathered to consider topics under the theme of ‘securing an open and resilient digital future.’
Dr Marsha Quallo-Wright, NCSC Deputy Director for Critical National Infrastructure, said:
“It has become clear that certain state-aligned groups have the intent to cause damage to CNI organisations, and it is important that the sector is aware of this.
“In the wake of this emerging threat, our message to CNI sectors is to take sensible, proportionate steps now to protect themselves.
“The NCSC has produced advice for organisations on steps to take when the cyber threat is heightened, and I would strongly encourage all CNI organisations to follow this now.”
The NCSC’s heightened threat guidance was published shortly before Russia’s invasion of Ukraine last year, and organisations are encouraged to continue to follow it.
Cyber resilience in the context of Russia’s invasion of Ukraine will feature in a session on day two of CYBERUK entitled The Three Rs of Cyber Security: Russia, Ransomware and Resilience.
‘NCSC warns of emerging threat to critical national infrastructure’, 2023, April 19, National Cyber Security Centre, Retrieved from URL www.ncsc.gov.uk
