crossorigin="anonymous"> UK cyber threats ‘vastly underestimated,’ security chief warns. – Subrang Safar: Your Journey Through Colors, Fashion, and Lifestyle

UK cyber threats ‘vastly underestimated,’ security chief warns.


In his first speech on Tuesday, the new head of Britain’s National Cyber ​​Security Center warned that the country’s cyber threats are “vastly underestimated.”

Richard Horne, who took over the post in October, says hostile activity has “increased in frequency, sophistication and intensity,” largely by foreign actors in Russia and China. He shed light. Ransomware Attacks on British Library And Pathology company SynnovisWhich disrupted the NHS, showing access to knowledge and reliance on technology for health.

“Actors are using our technology dependence against us, trying to cause as much disruption and destruction as possible,” he said. speech.

See: 1.1 million UK NHS employee records exposed

NCSC’s annual report sees an increase in cyber incidents in 2024.

Horne’s words come on the heels of the NCSC. Annual Review 2024Which shows that its incident management team handled 430 incidents this year compared to 371 in 2023. Of these, 347 involved some form of data theft, while 20 involved ransomware.

The report identified ransomware as the most pervasive threat to UK businesses, particularly in education, manufacturing, IT, legal, charities and construction. According to the NCSC, prevalence of Generative AI has been found Increase ransomware vulnerability by providing “capability enhancements”. attackers. Amateur attackers can use it to generate social engineering content, analyze leaked data, code and espionage, essentially lowering the barrier to entry.

The NCSC’s annual review described 12 of the 430 incidents as “at the higher end of the scale and more severe in nature”, a three-fold increase from the previous year.

Horn says the country is not taking cyber resilience seriously enough.

“What has struck me more than anything since taking the helm at NCSC is the starkly widening gap between the risks and threats we face, and the defenses that protect us,” he said. are there for,” he said. “And what is equally clear to me is that we all need to increase the speed at which we operate to stay ahead of our opponents.”

In fact, this year’s research found that 87% of UK businesses are unprepared for cyber attacks, 99% experienced one in the past year.and only 54% of UK IT professionals are confident in their company’s ability to recover data. after an attack.

Horn added that the guidance and frameworks developed by the NCSC are not widely used. Ultimately, businesses need to change their approach to cyber security from a “necessary evil” or “compliance function” to “an integral part of achieving our mission.”

According to the NCSC, state-led threats to the UK are ending.

State-led threats are a key part of both Horn’s speech and annual review, as there is “no room for complacency” in terms of their scale and severity.

Russia

This year, the NCSC and other international cyber authorities, including the US Federal Bureau of Investigation, warned that Pro-Russian hacktivist attacks Operational technologies such as smart water meters, dam monitoring systems, smart grids, and targeting sensors for precision agriculture. Multiple Examples Russian intelligence services that mandated attacks and espionage against NATO allies were also exposed.

“Russian threat actors have almost certainly stepped up their cyber operations against Ukraine and its allies in support of their military campaign and broader geopolitical objectives,” the annual review wrote. “Through its activities in Ukraine, Russia is encouraging non-state threat actors to carry out cyber attacks against Western CNI.”

China

Horn described China as “a highly sophisticated cyber actor, with an increasing desire to project its influence beyond its borders.” This year it was revealed that Chinese state-sponsored attackers Compromise of critical national infrastructure in the United States And British MPs and Election Commission targeted.

See: Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

The review said Iran was “developing its cyber capabilities” and “prepared to target the UK to further its destructive and destructive objectives”. Attack on organizations in America

North Korea and Iran

The Democratic People’s Republic of Korea is also a major cyber threat actor, targeting cryptocurrency and defense organizations to raise funds and gather military intelligence. According to the review, the NCSC believes UK firms are also at risk from North Korean IT workers masquerading as freelancers to generate more income.

Critical infrastructure is most at risk.

“The defense and resilience of critical infrastructure, supply chains, the public sector and our wider economy must be improved” to protect against these nation-state threats, Horne said.

Ian Birdsey, a partner and cyber specialist at the law firm Clyde & Company, told TechRepublic in an email: “The redrawing of geopolitical battle lines and the rise of global conflict in recent years have seen the UK increasingly vulnerable to hostile nations. In turn, threat actors based in these regions are increasingly launching more sophisticated and sophisticated cyber attacks on UK organisations, particularly within critical national infrastructure and its supply chain.

“As these systems become more digital and interconnected, the pace of these threats continues to increase. Cyber ​​warfare has become an ever-present feature and routine dynamic of conventional warfare.



Source link

Leave a Reply

Translate »