Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief

Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief

Trending 2 months ago 56
getty-close-up-of-hacker-hands-using-a-laptop.jpg
Image: Getty

Russia has engaged successful a sustained, malicious cyber run against Ukraine and its allies since the February 24 penetration – but its deficiency of occurrence shows that it's imaginable to support against cyberattacks, adjacent against immoderate of the astir blase and persistent attackers, says the UK's cybersecurity chief.

"Try arsenic they might, Russian cyberattacks simply person not had the intended impact," said Lindy Cameron, CEO of the National Cyber Security Centre (NCSC) – the cyber limb of GCHQ – speaking astatine Chatham House successful London.

"But if the Ukrainian cyber defence teaches america a wider acquisition – for subject mentation and beyond – it is that, successful cybersecurity, the defender has important agency. In galore ways you tin take however susceptible you tin beryllium to attacks."

Also: The scary aboriginal of the internet: How the tech of time volition airs adjacent bigger cybersecurity threats

In the run-up to and since the penetration of Ukraine, the state has been deed by a bid of cyberattacks that person been attributed to Russia. These see distributed denial of work (DDoS) attacks against the Ukranian authorities and fiscal sector, arsenic good arsenic wiper malware campaigns designed to destruct systems by rendering them unusable.

These weren't the archetypal violative cyberattacks linked to the Russian authorities that person targeted Ukraine; attacks antecedently caused powerfulness outages successful the winters of 2015 and 2016. Then, successful 2017, Russia launched the NotPetya wiper malware onslaught against Ukraine, but the interaction dispersed further, causing billions of dollars of harm astir the world.

Since the invasion, Cameron said, "what we person seen is simply a precise important struggle successful cyberspace – astir apt the astir sustained and intensive cyber run connected record." But she besides pointed to the deficiency of occurrence of these campaigns, acknowledgment to the efforts of Ukrainian cyber defenders and their allies. 

"This enactment has provided america with the clearest objection that a beardown and effectual cyber defence tin beryllium mounted, adjacent against an adversary arsenic good prepared and resourced arsenic the Russian Federation."

Cameron argued that not lone does this supply lessons for what countries and their governments tin bash to support against cyberattacks, but determination are besides lessons for organisations connected however to support against incidents, beryllium they nation-state backed campaigns, ransomware attacks oregon different malicious cyber operations.

"Central to this is simply a committedness to semipermanent resilience," said Cameron. "Building resilience means we don't needfully request to cognize wherever oregon however the menace volition manifest itself next. Instead, we cognize that astir threats volition beryllium incapable to breach our defences. And erstwhile they do, we tin retrieve rapidly and fully."

The NCSC has antecedently suggested that organisations should beryllium operating astatine a heightened menace level, and has made recommendations that should beryllium followed to assistance support against cyberattacks, oregon collateral harm arsenic a effect of wide-scale cyber events. 

Also: White House warns: Do these 8 things present to boost your information up of imaginable Russian cyberattacks

These recommendations, which Cameron reiterated astatine Chatham House, see verifying that all bundle is up to day with the latest information patches, checking that backups are moving properly, and having an incidental effect program successful spot – due to the fact that cyberattacks proceed to correspond a large threat. 

"There whitethorn beryllium organisations that are opening to deliberation 'is this inactive necessary?' arsenic successful the UK we haven't experienced a large incidental related to the warfare successful Ukraine. My reply is an emphatic 'yes'," Cameron said. 

"UK organisations – and their web defenders – should beryllium prepared for this play of elevated alert to beryllium with america for the agelong haul. Across the UK, we request to absorption connected gathering semipermanent resilience. Just arsenic the Ukrainian defenders person done," she added. 

MORE ON CYBERSECURITY

style="display:block" data-ad-client="ca-pub-6050020371266145" data-ad-slot="7414032534" data-ad-format="auto" data-full-width-responsive="true">