Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), has told the Sunday Times that many of the 188 attacks experienced in the last three months have “threatened national security”.
Martin was speaking to the Sunday Times ahead of the official opening of NCSC, shedding some light on the importance of this institution’s purpose.
The UK is under a constant barrage of cyber attacks, and Martin made clear that Russian and Chinese state-sponsored hackers were among those being investigated.
He told the newspaper that hacks on public infrastructure and government departments were attempts to “extract information on UK government policy on anything from energy to diplomacy to information on a particular sector”.
>See also: The UK’s new National Cyber Security Centre
His interview with the Sunday Times has unveiled, to some extent, the cyber threats that Britain is exposed to. These attacks should now be a public concern, and it would not be wrong to think that a period of sustained cyber warfare has begun.
Indeed, Martin said there had been “a step-change in Russian aggression in cyber space” over the last two years.
“Part of that step change has been a series of attacks on political institutions, political parties, parliamentary organisations and that’s all very well evidenced by our international partners and widely accepted,” he said.
“While we may be seeing a reported “step change” in online attacks from Russia and other countries, there is little doubt that foreign powers who commit, or at least support, these attacks will see any element of the UK Government and infrastructure as a legitimate target,” suggested Piers Wilson, head of product management, Huntsman Security.
“Given the scale and complexity of the attacks, their attribution to a well-funded and skilled adversary is no surprise. Organisations should not consider these as a risk that is only targeted at high-profile networks and systems. Like any attacker, a state-sponsored actor will target any entity that it can find benefit from; this spans opposing nations, to their critical infrastructure, or just private businesses that can be sabotaged, disrupted or have valuable information stolen in the attacker national interest.”
>See also: Businesses should support the new National Cyber Security Strategy
In terms of the public sector alone, Chancellor Philip Hammond, the former defence and foreign secretary, has said the NCSC had blocked 34,550 “potential attacks” on government departments and members of the public in the last six months, at a rate of about 200 a day.
Writing in the Sunday Telegraph, he warned that the “internet revolution” increased the chances of the “shutting down of critical national infrastructure”.
Peter Carlisle, VP EMEA at Thales e-Security commented on the interview Martin: “it’s crystal clear that cyber criminals will stop at nothing to breach public sector security in an effort to get into Whitehall systems.”
“With hackers also targeting local government organisations, it’s absolutely critical that the public sector continues the collaborative approach set out by the National Cyber Security Centre.”
“We all have a responsibility to protect national security and that’s why it’s so important that industry works in partnership with the government to protect the public sector and critical national infrastructure from increasingly sophisticated attacks.”
Carlisle highlights an important point. It is crucial that the private sector work with the public sector, because they have more experience in dealing with the threats now posed to national infrastructure.