“Reckless campaign” of cyber attacks by Russian military intelligence service exposed

The National Cyber Security Centre (NCSC) has identified that a number of cyber actors widely known to have been conducting cyber attacks around the world are, in fact, the GRU (the Main Directorate of the General Staff of the Armed Forces of the Russian Federation). These attacks have been conducted in flagrant violation of international law, have affected citizens in a large number of countries – including Russia – and have cost national economies millions of pounds.

Cyber attacks orchestrated by the GRU have attempted to undermine international sporting institution WADA, disrupt transport systems in the Ukraine, destabilise democracies and target businesses.

This campaign by the GRU shows that it’s working in secret to undermine international law and international institutions.

Foreign Secretary Jeremy Hunt said:”These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport. The GRU’s actions are reckless and indiscriminate. They try to undermine and interfere in elections in other countries. They’re even prepared to damage Russian companies and Russian citizens. This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences. Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”

The UK and its allies are once again united in demonstrating that the international community will stand up against irresponsible cyber attacks by other Governments and will work together to respond to them. A statement on the NCSC’s website reads: “The British Government will continue to do whatever is necessary to keep our people safe.”

As Prime Minister Theresa May stated in Parliament on Wednesday 5 September, the UK will work with its allies to shine a light on the activities of the GRU and expose their methods.

*Detailed information on the attacks is available on the NCSC website

Western Governments ‘must get their act together’ warns university academic

The head of aviation and security studies at Buckinghamshire New University has warned the UK and other Western Governments to ‘get their act together’ against Russian cyber hackers as the Internet and social media join more traditional weapons on the global battlefield.

Philip Wood MBE was speaking after it was revealed that Dutch security services expelled four Russians in April over a plot targeting the global chemical weapons watchdog and the UK Government accused Russia’s military intelligence service of being behind four high-profile cyber attacks.

Philip Wood MBE

Philip Wood MBE

Wood, who had a 20-year career in the military, has warned that online and physical battles to dominate ideas and territory are here to stay. “A perceived inability of the West to get its act together to deal with this threat is allowing Russia’s confidence to continue to grow,” said Wood. “The cyber battle space is an element of the wider hybrid warfare campaign that Russia is waging, designed to not only attack systems, but also undertake synchronised destabilisation and influencing activity. We should be under no illusion that the current state of affairs, whereby such aggressive activity is being carried out across borders, and whether involving the use of chemical weapons or social media ‘bots’ to impersonate real people and influence debate and politics, is redolent of the Cold War.”

In a social media age, Wood feels that influencing thought and opinion is just as effective in damaging a Government (and/or confidence in it) as aggressive attacks. “This insidious and persuasive approach, involving fake news as well as the wider arsenal of capabilities that Russia holds, is seemingly very effective. How this current round of accusations will be received by Russia is yet to be seen. It’s highly probable that there will be denial and, behind closed doors, it will probably be of minor consequence to the Russian leadership. Most important for them is that they’re able to see that their policy and approach in both cyber and hybrid warfare is working, as seemingly evidenced by the significant shift change in citizens’ confidence in Government and politics in the West.”

Long-term and ambitious game

Wood continued: “There is a long-term and ambitious game being played here which is serious and has specific end goals and objectives. The online and physical battles to dominate ideas and territory are here to stay, with each side conducting attack and defence in line with its capabilities, long-term ambitions and own Code of Ethics and legal parameters. This is the future of international relations and the upper hand will continue to shift according to whichever adversary has the technological capability as well as the ambition and will to overcome the threats that they respectively perceive to be facing them.”

Further, Wood asserted: “With so many variables and with so much to gain, this activity across military, political, economic, civil and information battle spaces is part of the future as well as a current issue. The consequent threat that has yet to be more openly considered is whether this becomes more of a physical confrontation as time and complexity go on. Cyber warfare is played out through IT systems, but it’s no game. If there is a game being played, it’s a long one.”

Not a new phenomenon

Mishcon de Reya’s cyber intelligence director Mark Tibbs told Risk UK: “Governments spying on Governments isn’t a new phenomenon, but it’s an activity now being played out in cyber space on a regular basis. This latest news should come as no surprise to anyone who has been keeping up with cyber security developments in recent years, during which we’ve seen Government-backed attacks, and not just from Russia. The UK itself has acknowledged its own ‘offensive cyber capability’ which is essentially the country’s own ability to hack potential enemies.”

Tibbs went on to state: “What’s unusual in this case is how open the UK and its allies are willing to be about the activity, possibly to embarrass the Russian authorities and to pressurise Russia into restraining its activities. The Dutch authorities have also revealed significant details of a thwarted attack against the OPCW, the chemical weapons Watchdog in The Hague, and have promised more details will come from a US Department of Justice indictment. The information made public included video footage and passport details of the suspects. Many are likely to view this concerted effort as a direct response to the Salisbury attacks.”

Further, Tibbs explained: “These revelations do not represent an escalated threat of cyber attacks in the immediate future. The tactics that were revealed were conventional and related to e-mail security. There can be costly incidents for businesses stuck between two sides of a conflict like this. Those businesses with a strong national brand with close associations to Russia or the UK are most at risk as they may be considered a proxy for their home country.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts