The current cyber dimension of the Russia-Ukraine conflict and how it may escalate were discussed by Ciaran Martin, founding CEO of the UK’s National Cyber Security Centre (NCSC), during the keynote address at the Infosecurity Magazine Online Summit – EMEA 2022.
Martin began by noting that so far, “the cyber dimension has been quieter than many of us might have expected.” However, the past 24 hours have seen two announcements that have brought the scale of the threat posed in cyberspace into sharp focus. These were from “opposite ends of the cybersecurity spectrum.” The first was the notice issued by US President Joe Biden, warning US organizations to be prepared for imminent high-level cyber-attacks. Given the success of US intelligence relating to the conflict so far, “I don’t think they’d be doing that lightly,” observed Martin.
The other was the announcement by the charity The Scottish Association for Mental Health that it had suffered a ransomware attack, significantly impacting its systems. While these two announcements are in very different areas, it is likely both relate to threats “emanating from the Russian Federation.” Martin added: “It’s quite possible we’re dealing with a complex ecosystem of Russian criminality and Russian malicious cyber activity.”
Fundamentally, these two distinct announcements show that we’re both in a period of heightened tension in cyberspace and “we’re at risk from our enduring cyber vulnerabilities.”
Martin then explained why the Russian invasion of Ukraine means we are in a period of heightened tension. He pointed out that this is not the beginning of the conflict between the two nations, which in reality started in 2014 since the Russian annexation of Crimea. Since that time, Russian state-sponsored actors have launched numerous sophisticated cyber-attacks targeting Ukrainian critical infrastructure. These include taking out power grids, the NotPetya attack in 2017 and the wiper malware attack hitting numerous organizations on the eve of the Russian invasion of Ukraine in February 2022.
No tags.
