By Rob Woodward: The UK is the third most targeted country in the world for cyber-attacks, after the US and Ukraine.
That first sentence is the opening line of a report by a UK parliament committee from just six months ago. The report says that in recent years, the UK has seen the use of offensive cyber capabilities by state and non-state actors proliferate, exacerbated by Russia’s full-scale invasion of Ukraine. It is, as the report says, “an area of particular concern,” and as such, more information is being gathered from sources specifically connected to communications, energy, government and finance, the sectors defined as most critical to the functioning of the UK digital economy.
One month after the Committee requested more information, it was reported that the UK’s National Cyber Security Centre (NCSC) had raised the alarm about escalating threats to the nation’s Critical National Infrastructure (CNI) and warned that resilience is not at the required level.
“The threat is evolving. While we are making progress building resilience in our most critical sectors, we aren’t where we need to be,” stated the NCSC report.
The World Economic Forum’s Insight Report entitled “Global Cybersecurity Outlook 2023” found that 91% of all respondents considered that a far-reaching, catastrophic cyber event is at least somewhat likely in the next two years.
One example from the USA is that Chinese government hackers are now known to have been stealing data from critical infrastructure, using it to what was described as an ‘unkillable’ botnet targeting organisations in the communications, manufacturing, utility, transportation, construction, maritime, government, IT, and education sectors. It soon transpired the UK was targeted in exactly the same way.
It is notable that over the past year, the UK has witnessed serious cyber assaults on critical services, including a significant attack on Royal Mail by the LockBit group and a breach at software supplier Advanced, forcing the NHS to resort to pen and paper.
Just how serious is this problem?
Last month, the credit rating agency Moody’s warned that water companies faced an “elevated” risk from cyber attackers targeting drinking water. This month, we saw much of the UK high street hit by huge outages, the cause of which remains largely mysterious. McDonald’s, Sainsbury’s, Tesco and Greggs have all, at some point, had to close stores or been unable to deliver customer orders because of problems with payment systems and other online tools.
The reality here is that the government would not allow these national corporations to state they had been hacked by foreign actors, as this would, quite clearly, cause a national panic buying event, lead to shortages, and, if prolonged, possible civil disorder. The Independent newspaper approached all of these companies and reported – “Each of the companies has, however, refused to give any detailed information about why the outages happened – or whether they might be linked.”
Last December, Gatwick Airport was shut down due to unexplained critical outages. In November, London’s Heathrow told passengers to allow extra time for their journeys to the airport as three rail lines connecting the hub to the city simultaneously faced outage disruptions. In August, another unexplained incident caused air traffic control outages and chaos at UK airports as the national flight planning system shut down.
Earlier in the year, Manchester airport was also hit with unexplained power outages, which passengers described as “chaotic” as ‘flights took off without them’ when check-in and boarding systems failed.
The banks have not fared well either. In August, even the Bank of England was affected. A ‘technical issue’ shut down a vital system that processes around £1tn in transactions every day. This system underpins the UK’s banking system and is crucial for financial stability.
In November, HSBC apologised to thousands of UK customers who reported they were unable to access mobile and online banking for more than 24 hours … on Black Friday. HSBC gave no reason for the banking outage.
A few months earlier, Lloyds Bank, Halifax, TSB Bank, and Bank of Scotland all experienced web and mobile app outages on the same day, leaving customers unable to access their account balances and information. The cause of the widespread outage was described by the media as ‘unknown,’ with a TSB spokesperson stating the following day that the outage was resolved but not sharing any information beyond that.
There is one common denominator in all of these attacks on banking, transport hubs, food supply chains and the like. Not one has admitted to technical glitches common to technology-based systems. Of course, there could be reasons behind that, but this is a worrying pattern when it comes to national infrastructure. Cyber-attacks are becoming more and more common.
A few weeks ago the Atlantic Council highlighted the problem when it said – “There is no clear dividing line between “cyber warfare” and “cyber crime.” The recent suspected Russian cyber attack on Ukrainian mobile operator Kyivstar is a reminder of the potential dangers posed by cyber operations to infrastructure, governments, and private companies around the world.
If you still don’t think this is a problem, consider this: Forbes published an article citing a cyber-security report that stated, “By the end of the coming year, the cost of cyber attacks on the global economy is predicted to top $10.5 trillion.” That report said that generative AI would be used on both sides of the cyber-warfare battlefront, that attacks on IoT (Internet of Things) would be disruptive, and that state-sponsored cyber-attacks would proliferate.