by BELFAST, Northern Ireland — Russia-aligned cyber groups outside Moscow’s formal control pose a growing threat and seek to target critical infrastructure in the West, according to Britain’s cybersecurity agency.
Motivated more by ideology than money, the groups, which emerged after Russia invaded Ukraine, pose a potential risk to crucial infrastructure systems in Western countries, especially those that are “poorly protected,” the National Center said. UK Cyber Security, or NCSC. in an alert issued Wednesday local time.
“Although these groups may align with perceived Russian interests, they are often not subject to formal state control, making their actions less restricted and their targets broader than traditional cybercrime actors,” the alert said. NCSC. “This makes them less predictable.”
The groups often focus on denial-of-service attacks, defacing websites and spreading misinformation, according to the alert. But some “have declared a desire to achieve a more disruptive and destructive impact against Western critical national infrastructure, including in the UK,” he said.
Without outside assistance, the groups are unlikely “to have the ability to deliberately cause a destructive, rather than disruptive, impact in the short term,” the cybersecurity center said. But groups can become more effective over time, and the NCSC recommends that organizations “act now to manage risk against future successful attacks.”
British Cabinet Office Minister Oliver Dowden plans to cite the cybersecurity alert in a speech later on Wednesday, according to excerpts of his comments released ahead of time, and will urge companies to take the necessary precautions.
“Revealing this threat is not something we do lightly,” Dowden is willing to say, according to the released text. “But we believe it is necessary … if we want these companies to understand the current risk they face and take action to defend themselves and the country.”
Dowden, the Chancellor of the Duchy of Lancaster, the highest-ranking member of the cabinet after the prime minister, is scheduled to deliver his speech at a UK cybersecurity conference in Belfast.
Lindy Cameron, chief executive of the National Center for Cyber Security, which is part of Britain’s cyber and intelligence agency GCHQ, said on Wednesday there were heightened concerns about hackers planning to attack UK infrastructure, but gave no further. details.
Asked if he had seen any attempts to target the UK, he told BBC Radio’s ‘Today’ programme: “We are seeing some indication of that, but I wouldn’t like to go into any more detail.”
Ukraine has accused Russia of launching thousands of cyberattacks against its infrastructure since the February 2022 invasion, but experts say Moscow has not carried out similar cyberoffensives against NATO countries.
Some experts warn that Russia has most likely penetrated sensitive networks and could order damaging cyberattacks if it decides to expand the war beyond Ukraine.
A leaked US intelligence assessment warned that Russian hacktivists broke into a Canadian gas infrastructure company this year and took instructions from Russian intelligence, NBC News reported. The assessment was part of a trove of classified Defense Department documents that surfaced on social media and were obtained by news organizations.
NBC News could not independently confirm the intelligence assessment.
The hacktivists, a Russian-speaking group called Zarya, broke into the computer network of an unidentified Canadian gas distribution facility in February and sent the Russian intelligence agency FSB screenshots of what it claimed were controls “to increase valve pressure, disable alarms and initiate an emergency operation [that] it would cause an explosion,” says the US assessment.
“If Zarya is successful, it would be the first time IC has observed a pro-Russia hacking group execute a disruptive attack against Western industrial control systems,” the assessment reads, using an intelligence community abbreviation.
No such disaster appears to have occurred. But the assessment illustrates how the US worries about destructive attacks on Western energy infrastructure and how Russian intelligence can trust domestic hackers to work for it.
