UK.gov: 'Foreign cyber reconnaissance' underway in UK

Eyes on tentacles peer from network pipes around YOU


Foreign states may already have used malware to map the networks that support the UK's critical infrastructure systems, the government admitted.

The admission by government officials came in the run-up to a parliamentary statement by Cabinet Office minister, Francis Maude, marking the first anniversary of the UK government's National Cyber Security Strategy.

Maude highlighted future work on a new UK National Computer Emergency Response team, further work on education and skills, Cyber Reservists for the MoD and a partnership with the private sector to boost the cyber security sector in the UK. In a written statement to parliament on Monday (3 December), he pointed out that the private sector is the largest economic victim of cyber-crime, such as IP theft, and of economic espionage perpetrated through cyberspace, and highlighted efforts to improve the protection of the UK's critical infrastructure.

"We have invested in new and unique capabilities for GCHQ to identify and analyse hostile cyber attacks in order to protect our core networks and services and support the UK’s wider cyber security mission," Maude said. "I cannot reveal details of this work, but it has broadened and deepened our understanding of the threat, helping us prioritise and direct defensive efforts."

"The Security Service has developed and enhanced its cyber structures, focusing on investigating cyber threats from hostile foreign intelligence agencies and terrorists, and working with UK victims. This informs the work of the Centre for the Protection of National Infrastructure (CPNI) which is helping organisations to improve their cyber security measures."

"CPNI is actively influencing standards, researching vulnerabilities and focusing on the key technologies and systems of cyber infrastructure. As part of this work it has commissioned a major research programme from the University of Oxford with the aim of delivering advice, guidance and products to help reduce the risk of cyber attacks mounted or facilitated with the help of company insiders."

Maude praised efforts to secure systems during the Olympics and looked ahead to a new Cyber Incident Response scheme, recently launched by CESG and CPNI in pilot form, which will move to become fully operational in 2013. Next year will also see the merger of cyber-policing units at Scotland Yard and SOCA to form the new National Cyber Crime Unit of the new National Crime Agency.

The cyber security strategy was launched on 25 November 2011 as a means to co-ordinate government and private sector efforts in the fight against cyber-espionage, malware and other internet security threats.

The government budgeted £650m to bolster the nation's cyber-defences as part of the 2010 strategic defence review. GCHQ was given the lead role and the lion's share of the budget. Only £30m was earmarked for law enforcement.

Government ministers and officials argue that the threat is growing and that facilities that power utilities, banking and other vital services are at the front line of attack. The threats come in the form of attacks designed to steal intellectual property and trade secrets as well as more general cybercrime and probes against the networks of utilities and others.

Officials will not be drawn on who is responsible for reconnaissance-style attacks on UK infrastructure systems, beyond saying that the threat came from abroad.

"We understand that there is a threat from hostile foreign states and others to attack it," a senior official said, The Guardian reports.

"It would be absolutely in keeping with that – we have seen attempts by hostile foreign states through cyberspace as well."

"There are attacks against critical national infrastructure and I am not going to say whether they were or weren't successful," the official added.

US officials have warned about attacks on that country's national infrastructure but unlike their UK counterparts they have been far less reticent about apportioning blame, singling out China and Russia for criticism.

Chris McIntosh, chief exec at encryption firm ViaSat, commented that news that cyber-attacks are increasingly targeting critical infrastructure ought to come as little surprise.

"While previously national energy or resource infrastructure was relatively safe from these attacks, the modernisation of these networks has meant they are closely connected to the internet and so more vulnerable than ever. While at one level the threat to infrastructure could involve the targeting of individual sections of the network and deny certain services at specific areas, at the extreme level these attacks could potentially be used to overload systems or override safety mechanisms, causing catastrophic damage to the surrounding area and the infrastructure as a whole." ®



Biting the hand that feeds IT © 1998–2022