Britain is being hit by dozens of cyber-attacks a month, including attempts by Russian state-sponsored hackers to steal defence and foreign policy secrets, GCHQ’s new cybersecurity chief has said.
Ciaran Martin, head of the new National Cyber Security Centre (NCSC), told the Sunday Times there had been a “step change” in Russia’s online aggression against the west.
His comments came as the chancellor, Philip Hammond, told the Sunday Telegraph the centre had blocked 34,550 “potential attacks” on government departments and members of the public in the past six months – about 200 cases a day.
Allegations of Russia-sponsored cyber-attacks became a focal point during the US election, raising fears that the tactic was on the rise.
Martin said Britain had been hit by 188 high-level attacks, “many of which threatened national security”, in the last three months.
He told the Sunday Times: “In the case of government departments, [it is] getting into the system to extract information on UK government policy on anything from energy to diplomacy to information on a particular sector.”
Attacks by Russian and Chinese state-sponsored hackers on defence and foreign policy servers are among those being investigated by the NCSC, the newspaper said.
Martin added: “Over the last two years there has been a step change in Russian aggression in cyberspace. Part of that step change has been a series of attacks on political institutions, political parties, parliamentary organisations and that’s all very well evidenced by our international partners and widely accepted.”
Hammond, a former defence and foreign secretary, warned that hacks could bring down national infrastructure and that even kettles, fridges and driverless cars were at risk.
Writing in the Telegraph, he warned that the “internet revolution” brought the threat of being held to ransom by hackers, the theft of intellectual property and the “shutting down of critical national infrastructure”.
“Beyond hacked kettles and fridges, ‘internet of things’ devices, such as driverless cars, can present alarmingly real security threats that could be incredibly dangerous if the right security isn’t in place,” Hammond added.
Their comments come before the NCSC is officially opened in London by the Queen on Tuesday.
Piers Wilson, Head of Product Management, Huntsman Security said: “While we may be seeing a reported “step change” in online attacks from Russia and other countries, there is little doubt that foreign powers who commit, or at least support, these attacks will see any element of the UK Government and infrastructure as a legitimate target.
“Given the scale and complexity of the attacks, their attribution to a well-funded and skilled adversary is no surprise. Organisations should not consider these as a risk that is only targeted at high-profile networks and systems. Like any attacker, a state-sponsored actor will target any entity that it can find benefit from; this spans opposing nations, to their critical infrastructure, or just private businesses that can be sabotaged, disrupted or have valuable information stolen in the attacker national interest.
“The NCSC’s warnings deserve to be heeded by senior executives: both government and private enterprises must be able to detect and triage increasingly sophisticated and well-funded attacks. There is often no way of predicting where the next attack will come from, and what form it will take. Hence, being able to detect evidence of a breach and react to contain the threat as quickly as possible is critical. Whether an attack comes from a newly discovered virus, a previously unknown vulnerability, or the actions of an employee, the enterprise has to be prepared to spot potentially dangerous behaviour and be equipped to deal with issues when they occur.”