UK NCSC Warns Of Significant Threat To Critical Infrastructure

The NCSC's headquarters in Victoria. NCSC, security

Annual review from National Cyber Security Centre warns of threat posed by state-aligned actors from Russia, China and Iran

The UK’s National Cyber Security Centre (NCSC), part of GCHQ, has warned about the cyber threat posed to the UK’s critical infrastructure by hostile nation states.

In the NCSC’s Annual Review, the cyber guardian warned that the threat to the nation’s most critical infrastructure is ‘enduring and significant’, amid a rise of state-aligned groups, an increase in aggressive cyber activity, and ongoing geopolitical challenges.

A few months ago in August the NCSC had flagged the cyber risks for organisations introducing artificial intelligence (AI) chatbots into their businesses.

ChatGPT: The End of Data Analytics as We Know It?
ChatGPT: The End of Data Analytics as We Know It?

AI election risks

But now the NCSC in its Annual Review has warned that artificial intelligence poses a threat to the country’s next national election, due to be held by January 2025.

It should be remembered that voting in the UK, unlike the United States which utilises computerised voting machines, instead relies on the humble pencil and paper – an old fashioned system that significantly reduces “the chances of a cyber actor affecting the integrity of the results.”

However the report also highlighted the threat posed by fast-evolving AI technology to elections, via the use of deepfake videos, ultrafast connected devices, and “hyper-realistic bots” that would make the spread of disinformation during a campaign easier.

“With elections on the horizon, including a general election, and with people around the world set to go to the polls from Belgium to the US in the next year, the UK and its allies cannot be complacent to the threat of foreign cyber interference and attempts at influencing our democratic processes,” the agency warned.

“The NCSC is working with our allies around the world to share insights and approaches to help improve collective cyber resilience of global democracy.”

Critical infrastructure

The NCSC also warned that cyberattacks by hostile countries and their proxies are proliferating and getting harder to track.

And critical industries, including water companies, power generators, communications and internet connectivity, transportation and financial institutions and networks are at risk.

The NCSC said that over the past 12 months, it has observed the emergence of a new class of cyber adversary in the form of state-aligned actors, who are often sympathetic to Russia’s further invasion of Ukraine and are ideologically, rather than financially, motivated.

In May this year, the NCSC issued a joint advisory revealing details of ‘Snake’ malware, which has been a core component in Russian espionage operations carried out by Russia’s Federal Security Service (FSB) for nearly two decades.

Now the NCSC is reiterating its warning of an enduring and significant threat posed by states and state-aligned groups to the national assets that the UK relies on.

“The last year has seen a significant evolution in the cyber threat to the UK – not least because of Russia’s ongoing invasion of Ukraine but also from the availability and capability of emerging tech,” said NCSC CEO Lindy Cameron.

“As our Annual Review shows, the NCSC and our partners have supported government, the public and private sector, citizens, and organisations of all sizes across the UK to raise awareness of the cyber threats and improve our collective resilience,” said Cameron.

“Beyond the present challenges, we are very aware of the threats on the horizon, including rapid advancements in tech and the growing market for cyber capabilities,” said Cameron. “We are committed to facing those head on and keeping the UK at the forefront of cyber security.”

State-affiliated actors

The NCSC identified the biggest threats as stemming from Russia, which “continues to be one of the most prolific actors in cyberspace, dedicating substantial resources towards conducting operations around the globe and continuing to pose a significant threat to the UK.”

The NCSC has continued to observe cyber activity targeting Ukraine by Russia and Russia aligned actors, though these appear to by opportunistic rather than strategic.

Overall, the impact on Ukraine has been less than many expected, in part due to well-developed Ukrainian cyber security and support from industry and international partners, which includes the UK’s own cyber programme.

Elsewhere, Russian language criminals operating ransomware and ‘ransomware as a service’ models continue to be responsible for the most high-profile cyber attacks against the UK.

Looking at Iran, the NCSC said that while it is less sophisticated than Russia and China, Iran continues to use digital intrusions to achieve their objectives, including through theft and sabotage.

The NCSC also said it continues to see “evidence of China state-affiliated cyber actors deploying sophisticated capability to pursue strategic objectives which threaten the security and stability of UK interests.”