Cyberattacks: A World War In Action

By Rob Woodward: Have you noticed more recently that critical infrastructure and services have been grinding to a halt? As I write this, Microsoft is experiencing a global outage, which is affecting airports, banks, GP practices, broadcasters and businesses more widely. Sky News has reported this as – “mass global IT chaos – impacting  a swathe of sectors, which shows the vulnerability of daily life to technology when it fails. While this outage does not appear to have been caused deliberately, it underlines the fragility of the modern world to technology given that most areas of life rely on some form of computer systems and lines of code.” It is hard to be convinced that this ‘outage’, one of many, was simply because an update went wrong.

Yesterday, the Bank of England CHAPS payments system suddenly went offline. Property sales were held up causing havoc amongst buyers and sellers with legal deadlines missed. From education to emergency services, from public administration to education, transport and more, a critical system of some sort stops working almost weekly.

Evidence of a campaign not just of cyber attacks but what could be interpreted as cyberwarfare against the UK came back in March. Speaking in the House of Commons on March 25th, UK Deputy Prime Minister Oliver Dowden publicly confirmed that China was responsible for cyberattacks against UK Members of Parliament and the national election body. “Taken together, the United Kingdom judges that these actions demonstrate a clear and persistent pattern of behaviour that signals hostile intent from China,” Dowden declared. Some MP’s agreed that “It’s abundantly clear that China is a hostile state.” One day later a senior Chinese diplomat to the Foreign Office was summoned, where Beijing-backed hackers were accused of a cyber-attack on the British elections watchdog and its surveillance operation on politicians.

Over in the USA, the White House, Departments of Justice, Commerce and State, the Treasury, as well as members of Congress, were also targeted in the same way, the DOJ’s indictment showed. EU lawmakers were also targeted: “The targets included every European Union member of IPAC.”

In the past year, Britain has faced an unprecedented wave of cyberattacks targeting critical infrastructure. These attacks have not only exposed vulnerabilities but also highlighted the urgent need for more robust cybersecurity measures.

Over half (52 per cent) of UK IT leaders believe the government cannot defend its citizens and enterprises against acts of cyber-warfare, new research from asset intelligence cybersecurity company Armis says.

This lack of faith in the government is higher than elsewhere surveyed in Europe, including Germany (40 per cent) and France (42 per cent). It also marks a significant change in sentiment compared to a year ago, when 77 per cent of UK IT leaders had confidence in the UK government.

Ahead of the election this year, 37 per cent of UK IT leaders believed cyber-war can impact the integrity of an electoral process – this spikes significantly when speaking to respondents from the government sector (60 per cent), the medical, healthcare and pharmaceutical industry (67 per cent) and financial services (71 per cent).

In addition, 45 per cent also say cyber-war may well result in cyber-attacks on the media, easily beating the concerns of respondents from the U.S., France and Germany.

Digit News reports that 43 per cent of UK organisations have now revealed that their their company has experienced one to two cybersecurity breaches. But when asked, this really meant that threat activity on their organisation’s network in the past six months, had risen substantially – an 18 per cent increase in that timeframe alone.

However, utilities infrastructure saw attack threats rise dramatically by 37 per cent with a 42 per cent increase for those in the medical, healthcare, and pharmaceutical sectors.

 

“Make no mistake, we are in a cyber arms race against our adversaries and society as we know it is at risk”

Nadir Izrael, CTO and co-founder of Armis

 

Major Cyber Incidents

NHS: In March, the NHS experienced a major attack that crippled hospital operations across the country. The attack led to the encryption of patient records, causing delays and cancellations in treatment and appointments. Emergency services were particularly affected, with some hospitals resorting to manual record-keeping.

Energy Sector: A few months ago, a sophisticated cyberattack targeted the national grid, causing widespread power outages in several regions. The attack allowed the attackers to gain control of critical systems. The resulting power cuts affected millions of residents and businesses, highlighting the fragility of the energy infrastructure.

Transportation Networks: The UK’s transportation sector was also targeted, with a significant cyberattack only weeeks ago disrupting rail services. The attackers infiltrated the network’s signalling systems, causing widespread delays and cancellations. This attack inconvenienced thousands of commuters but also raised concerns about the safety and security of public transportation systems.

Over the past year, cyberattacks on Britain’s infrastructure have been attributed to various threat actors, which include not just organised cyber criminals but state-sponsored groups.

It will not be of any great surprise to learn that a number of these attacks have been linked to Russia, China, and North Korea. They are motivated by geopolitical interests and aim to disrupt the functioning of critical infrastructure, gather intelligence, or exert pressure on the British government. The attack on the national grid, for instance, was attributed to a Russian state-sponsored group known as Sandworm, which has a history of targeting energy infrastructure globally.

 

Impact

The cyberattacks on Britain’s infrastructure have had far-reaching consequences, affecting various aspects of society and the economy.

The attacks on the NHS and transportation networks have directly impacted public safety and eroded trust in the security of essential services. Delays in medical treatment and disruptions in transportation not only inconvenience the public but also pose serious risks to health and safety.

The economic impact of these cyberattacks has been substantial. The disruption of services, loss of productivity, and costs associated with restoring systems have resulted in significant financial losses. The power outages caused by the attack on the national grid, for example, led to millions of pounds in damages and economic losses.

Cyberattacks on critical infrastructure also pose a severe threat to national security. They can disrupt essential services, create chaos, and undermine public confidence in the government’s ability to protect its citizens.

Given about £27bn is spent every year on digital transformation and security in the UK, the impact is colossal.

One-fifth (21%) of UK organisations also say their company has not allocated sufficient budget for cybersecurity programmes, people, and processes.

“Make no mistake – we are in a cyber arms race against our adversaries and society as we know it is at risk,” said Nadir Izrael, CTO and co-founder, Armis. “Relying on legacy technologies and manual security processes is the equivalent of bringing a knife to a gunfight, given the threats we’re up against and the arsenal of nation-state actors.

“It is critical that security leaders fight fire with fire, leveraging AI-powered solutions that empower them with actionable intelligence before a vulnerability is announced, before an attack is launched and before their organisation is impacted. Forewarned is forearmed.”