Only a matter of time before the UK suffers a category one cyber attack says NCSC chief
The head of the National Cyber Security Centre has said that while the UK is fortunate to have avoided a so-called category one cyber-attack attack so far, it is only a matter of time before a catastrophic cyber-attack is launched on its critical infrastructure or election setup.
Stating that it is simply not possible to stop all kinds of cyber-attacks, Ciaran Martin says the UK should concentrate on cauterising the damage caused by a category one cyber-attack.
During an interview given to The Guardian, Ciaran Martin, the head of the National Cyber Security Centre, spoke his mind about the possibility of future cyber-attacks on UK soil and said something which sent ripples across the country’s security and business sectors.
‘I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack,’ he said.
If Martin, who himself is quite an expert in cyber security, is to be believed, the UK may face at least one, if not more, category one cyber-attack within the next two years which may seek to damage either the power grid, the airline network, railways, nuclear power plants or even the UK’s military weapon systems.
Martin also gave an indication that several such attacks could be launched on British elections or critical infrastructure targets in the coming years, adding that since all cyber-attacks simply cannot be stopped, the UK should concentrate on reducing the after-effects of such an attack.
‘Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date,’ he added.
Martin isn’t the first person to forecast an impending category one cyber-attack on the UK’s critical infrastructure or elections. Last year, Dr Ian Levy, Technical Director at the National Cyber Security Centre, said that a WannaCry-like cyber-attack could take place in the near future unless the cyber security space is demystified by including more science and data.
‘Predictions in cyber security are quite difficult, but I am going to make one I am reasonably confident about. Sometime in the next few years we are going to have our first ‘category one’ cyber incident, where you need a national response.
“There will be an independent investigation and what will really come out is that it was entirely preventable. Unless we start to put some science and data into cybersecurity to demystify it, that is really going to happen,” he said.
Even though the WannaCry ransomware attack impacted operations at over 40 NHS trusts and shut down dozens of hospitals for prolonged periods, it was not conferred a category one status as it did not result in loss of life.
Martin also spoke about the threats posed by enemy states like Russia and North Korea, only a day after it was revealed that the Chief of the general staff will ask the government for additional funds to face conventional, non-conventional and cyber threats posed by Russia.
‘What we have seen from Russia thus far against the UK is a series of intrusions for espionage and possible pre-positioning into key sectors but in a more controlled form of attack from others.
‘What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn’t pan out in the way the attackers wanted to,’ he said.
Martin has always been quite outspoken about the threat emanating from Russia. Last year, following a destructive cyber-attack on the parliament’s digital infrastructure that compromised around 90 email accounts of MPs, including those of Prime Minister Theresa May as well as several of her cabinet colleagues, Martin said that the operation was part of Russia’s overall plan of targeting the UK’s energy, media and telecommunication industries to vitiate the international order.
We have reason to believe that Martin’s latest prophesy isn’t just fear-mongering but is, in fact, based on facts. According to the latest Arbor Worldwide Infrastructure Security Report, as many as 57% of all enterprises were targeted by 7.5 million DDoS attacks in 2017. At the same time, 59% of service providers and 48% of enterprises also experienced multi-vector attacks which increased in frequency by 20% compared to the previous year.
Thanks to such DDoS attacks, over half of all enterprises experienced financial losses between $10,000 and $100,000. Despite such risks posed to their very existence, 54% of enterprises and 48% of service providers have faced difficulties in hiring and retaining skilled personnel.