Critical infrastructure organisations within the UK have been urged to ramp up their cyber security defences as they face a heightened risk of Russian state-sponsored cyber attacks. An alert issued by the Five Eyes intelligence alliance, which consists of the UK, Australia, Canada, New Zealand and the United States, has warned the Russian government is exploring options for potential cyber attacks against critical organisations such as the NHS, nuclear power stations and parts of the civil service.
According to the alert, "evolving intelligence" suggests hackers within the Russian government are seeking to engage in "malicious cyber activity" in response to the "unprecedented economic sanctions" imposed on Russia following its invasion of Ukraine. There is also concern that hackers are targeting critical infrastructure in countries that have provided "materiel support" to Ukrainian forces.
There are also risks posed by numerous cybercrime groups who have pledged their support to Russia. These include Killnet, a group that claimed credit for a recent DDoS attack against a US airport the group believed was supporting Ukraine. In response to the increased risk, the Five Eyes alert outlines a number of immediate actions critical infrastructure organisations can take to "prepare for and mitigate potential cyber threats".
These include immediately updating software, enforcing multifactor authentication, securing and monitoring "potentially risky" services such as remote desktop protocols, and providing end-user awareness and training.
Chancellor of the Duchy of Lancaster Steve Barclay, the minister responsible for cyber security, told The Daily Telegraph: "Cyber attacks recognise no physical or geographical boundary and it has never been more important to plan and invest in cyber resilience."