The head of the UK’s cybersecurity watchdog the National Cybersecurity Centre (NCSC) says her organisation has learned a lot about the UK’s ability to withstand cyberattacks from the war in Ukraine, which she describes as the “most sustained and intensive cyber campaign ever”.

NCSC
The NCSC wants critical infrastructure providers to boost security. (Photo by T Schneider/Shutterstock)

Lindy Cameron’s comments came in the NCSC’s annual report, released today, which also highlights that work is needed to boost the security of the UK’s critical national infrastructure, such as water and power networks, to ensure it is adequately protected from the threat posed by hackers.

Russia’s war in Ukraine has been an intense cyber battle

NCSC CEO Cameron said that improving UK infrastructure’s resilience against cyberattacks was a key priority for her organisation.

She said: “We will continue to improve our understanding of the threats we face and use this knowledge to strengthen resilience in the areas that carry the most risk for the UK, be that across government or to the companies involved in delivering our critical national infrastructure.

Adding that her team had “learned a lot about our resilience in light of the ongoing war between Russia and Ukraine”, she said the conflict “remains the most sustained and intensive cyber campaign ever”.

Cameron added: “As the threat landscape evolves, we will need to measure the impact we can have on resilience, as well as while working with others to maximise our success.”

As reported by Tech Monitor, the Russia-Ukraine war has been characterised by a string of cyberattacks perpetrated by hackers sympathetic to both sides in the conflict. The most common successful attacks have been low-level DDoS breaches, but critical infrastructure has also been a common target.

Last year the UK and its allies in the Five Eyes security alliance flagged the threat posed to infrastructure by Russian hackers, and in September this year, the alliance said a set of hacking tools known as ‘Infamous Chisel’ was being deployed by hacking group Sandworm, working on behalf of Russia’s GRU security force, to hit targets in Ukraine. The same group also managed to cause power cuts in Ukraine by hacking into infrastructure, according to a report last week from Google-owned security vendor Mandiant.

UK must boost critical infrastructure defences

Russia is not the only threat to critical infrastructure, and the report highlights that nation-state-backed cybercriminals from China and North Korea have also launched campaigns against the UK and its allies.

This threat to critical infrastructure is “evolving”, the report says, and it warns: “While we are making progress building resilience in our most critical sectors, we aren’t where we need to be,” the report states. 

“We will continue to work with partners across government, industry and regulators to accelerate this work and keep pace with the changing threat, including tracking their resilience in line with targets set out by the deputy prime minister.”

In April, the government set new security targets for critical infrastructure providers, with a 2025 compliance deadline.

Read more: NCSC and Five Eyes reveal most damaging vulnerabilities