Details of the Russian cyber threat against UK

Russian government may be preparing destructive cyber attacks against UK critical national infrastructure & increased espionage

Share This Post

Heightened cyber threat

Since mid-January 2022, the National Cyber Security Centre (NCSC) has publicly declared that the UK faces a heightened cyber threat from Russia due to increased geopolitical tensions caused by the Russian military build-up and invasion of Ukraine.

2tela believe the cyber threat to UK businesses is heightened but this is due to the increased activity of cyber criminals conducting ransomware and email fraud.

The threat of a direct Russian nation state attack against a UK SME is still far lower than the threat from cyber criminals.

Russian threat focused against CNI & intelligence collection

The increased threat detailed by the NCSC is assessed by 2tela to likely be of the Russian government conducting cyber-attacks against UK critical national infrastructure (CNI) and traditional espionage targets.

The Russian government has for many years used cyberespionage as an effective tool for collecting intelligence against targets, such as prominent politicians & governments, western defence contractors & NATO militaries.

Alongside these covert methods, the Russian intelligence services have also developed destructive cyber tradecraft; techniques designed to actively degrade, disrupt or destroy an adversaries’ CNI.

For example, the cyber attack against the Ukrainian power system in December 2016 which led to power outages in parts of Kiev for over an hour. In April 2022, the UK Government publicly stated the Russian signals intelligence unit, FSB Centre 16, was responsible for multiple attacks over several years against UK, US and European CNI targets.

Whilst we do not have insight into Russian intelligence operations, there are clear indications that Russia is putting significant resource into developing methods for destructive attacks against CNI targets.

2tela assess that in the current confrontation with NATO, there has likely been an increase in Russian cyber espionage and likely an increased effort by Russia to either target or put in place capabilities, to attack the UK’s CNI with destructive cyber-attacks. 

Unit badge of FSB Centre 16, Russia's signals & cyber intelligence agency.
Recent examples of possible Russian activity against NATO

In the lead-up to the Russian invasion of Ukraine, there were cyber & physical attacks that may have been committed by the Russian intelligence services against NATO countries, two such examples were:

  • Cutting of Arctic undersea telecommunications cable – In January 2022, an undersea telecommunications cable off the coast of the Arctic Norwegian settlement of Svalbard was damaged by unidentified ‘human activity‘. Whilst there has been no public attribution of this activity, Russia has for many years had a maritime special forces unit called GUGI that operates deep diving submersibles which are suspected of being involved in tapping and tampering with undersea cables. Its possible this attack was a demonstration of Russia’s capability to interrupt telecommunications of a NATO power. 
The so-what for UK businesses

2tela believe UK businesses continue to face a heightened threat, but most of this is due to cyber criminals attempting to defraud organisations and launch ransomware attacks.

Some of the increased cyber threat outlined by the NCSC is against UK CNI organisations and installations. Any cyber attack against UK CNI could affect businesses; either through the disruption of key services such as electricity and water supplies, or through businesses being caught up in the cyber-attack itself.

Either way, we recommend businesses have at least the foundations of cyber defence in place to help reduce the risk from the heightened threat, as explained here – contact 2tela to find out how.

Request a call back from team 2tela

Fill in your details and we'll be in touch

More To Explore

Threats & Exploits

Cyber operations during conflict and war

Middle East tensions significantly increased following the UK designated terrorist group Hamas attacked Israel on 7th October. Cyber operations are increasing and is a growing threat to UK businesses.

Do You Want To Boost Your Business?

drop us a line and keep in touch

Please Login

First timer?

Learn how we help give businesses peace of mind and security

Fill in the form and we'll be in touch.