UK: ‘Hostile states’ constantly attacking ‘crucial’ infrastructure
“The internet transforms the risk we face. It is why we have rated attacks from cyberspace one of the top four threats to our national security,” declared Cabinet Minister Francis Maude, ahead of an update of the country’s cyber defense strategy.
The government has been highly reticent about the nature of the attacks, but according to a senior government official, the targets have been “essential services” such as electricity, water and heating companies, with the attacks coming from “hostile states”.
“I am not going to say whether the attacks were or weren't successful,” the unnamed official was quoted as saying by the Independent.
He also claimed that the rival powers are not necessarily attempting to cause widespread destruction – just yet.
“There is a concern about a determined attack against the critical national infrastructure,” said the official.
He also claimed that the Ministry of Defence had been targeted daily.
Industry insiders agree that the strength of attacks has been growing exponentially over the past few years.
"Some of the attacks we've seen launched against government contractors are pretty sophisticated – they're not just somebody messing around, they're not making pranks or using social engineering tactics," said chief security strategist Hugh Thompson from Blue Coat Systems, one of the world’s biggest web security firms.
"Along with stealing technologies, one of the main activities of these intruders is "mapping" – finding the weak spots in an existing security network, so that a serious attack can be carried out at a later time," Aleksandr Gostev, chief virus analyst at Kaspersky Labs, told RT.
Last year, the UK government pledged to spend $1 billion on cyber defense by 2015.
Now, it says it will establish a round-the-clock national computer emergency response team (CERT), which the US has maintained since 2003, but the UK previously said it had no need for.
Rik Ferguson, director of security research and communications at Trend Micro, a security company, told PC Pro that the decision was “long overdue”
China and Russia fingered as main threats
Last year, Baroness Neville-Jones, the Minister of State for Security and Counter Terrorism at the time, identified the most powerful adversaries in the undeclared war against state-backed hackers – China is by far the biggest threat, with Russia a distant second.
"The US has always grouped those two countries together. But while there has been plenty of evidence about China, Russia's involvement is somewhat more sketchy. Of course, looking more globally, all the major powers are engaged in the invisible war," claims Gostev.
In the US, a report delivered to Congress only last month, provided explicit detail about how the Chinese hackers, in particular, operated. It accused “quasi-official cyber militias” of breaking classified passwords, accessing networks and mapping infrastructure.
"There are two main types of Chinese hackers," says Gostev. "One type is freelance teams, who operate on the black market, and often sell their information to anyone, often including the government, and the other is specially assembled government operations, who have a specific task and target."
It also claimed that Chinese-made electronic components may come pre-implanted with harmful software that activates once the equipment is deployed in the US.
It said the purpose of the attacks was both, military espionage and the thirst for private corporate data that would give it an economic edge.
The US, EU and UK have all separately declared that the damage caused by cyber attacks amounts to billions of dollars in their territories alone.
Incidentally, China has already gained legitimate access to key facilities in those countries through investment by its companies. For example, in the UK Northumbrian Water, a large utilities company, is already owned by Cheung Kong Infrastructure Holdings, a Hong Kong company.