UK hit 'by almost 200 Russian cyber attacks' in three months

Hacking Hacker Security

Britain is under attack from Russian hackers attempting to steal classified government data, the country's top cybersecurity chief has warned in an interview with the Sunday Times.

Over the past three months, the UK has been hit by 188 serious cyber attacks, averaging out at more than 60 per month, according to the National Cyber Security Centre (NCSC), the new GCHQ division set up to strengthen the UK's defences against cyber attacks. The department is set to be officially opened by the Queen on Tuesday.

NCSC head Ciaran Martin told the Sunday Times that Putin's government has been stepping up its attacks against Western nations like the US and the UK.

"Over the last two years there has been a step change in Russian aggression in cyber-space," he said. "Part of that step change has been a series of attacks on political institutions, political parties, parliamentary organisations and that's all very well evidenced by our international partners and widely accepted."

Martin classified the attacks on the UK as "category two and three" and said that many of them "threatened national security".

"In the case of government departments, [the aim is] getting into the system to extract information on UK government policy on anything from energy to diplomacy to information on a particular sector. With companies, it could be to steal intellectual property and sometimes you would get states in that business," he said.

Britain has yet to experience a 'category one' cyber attack, which would be comparable to the hack of the US Office of Personnel Management in 2015, an incident which resulted in the theft of 25 million federal employees' personal and biometric details.

However, Martin said that he expects "there will be a category one incident at some point in the future," citing the fact that "most of our major allies in similar countries have experienced what I would call a category one attack" and that "the intent and capabilities are there to deploy the sort of attack against similar and allied partner countries".

The US election was plagued with accusations of Russian hacking, with US security agencies and former President Barack Obama accusing the country of hacking emails belonging to the Democratic National Committee, with President Donald Trump eventually suggesting the country was likely behind these breaches.

However, Martin is confident about Britain's prospects of repelling such attacks. "We've got some very capable adversaries, but we've done a good job in detecting and managing those sorts of attacks," he said.

"We have very good capabilities where we watch the main actors that we know about very closely and we look at where they're attacking and we work very closely with key government departments and the parliamentary network to protect their systems."

"We can't eliminate the threat, but defeatism drives me mad," he added. "We shouldn't be defeatist about this; there's plenty we can do to strengthen defences at all levels."

The government outlined its Government Transformation Strategy last week, citing the increasing range of cyber threats as a motivating factor to improving Whitehall's digital skills.

Adam Shepherd

Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.

Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.

You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.