Share this article on:
UK officials believe that Russia is preparing to launch a cyber war on the UK in an effort to weaken its support for Ukraine.
In a speech to the NATO Cyber Defence Conference at Lancaster House, Chancellor of the Duchy of Lancaster Pat McFadden will warn of Russia’s cyber warfare capabilities.
“Military hard power is one thing. But cyber war can be destabilising and debilitating. With a cyber attack, Russia can turn the lights off for millions of people. It can shut down the power grids. This is the hidden war Russia is waging with Ukraine,” he will say.
“Given the scale of that hostility, my message to members today is clear: no one should underestimate the Russian cyber threat to NATO. The threat is real. Russia is exceptionally aggressive and reckless in the cyber realm.”
McFadden is expected to specifically name Russian Unit 29155, which the UK government has said is behind a number of cyber attacks on EU and UK firms.
He is also set to claim that Russian state-sponsored threat groups have been behind at least nine separate cyber attacks on NATO nations, including ones on critical infrastructure.
In September, US, UK, Canadian, European and Australian security agencies warned of Russian military hackers targeting critical infrastructure.
According to the release, led by the US Cybersecurity and Infrastructure Security Agency, threat actors with links to the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) have been working on network operations against targets across the globe since at least 2020. The hackers’ aims have been sabotage, espionage, and causing reputational harm to their victims.
GRU Unit 29155 has also been observed deploying a particularly nasty malware known as WhisperGate against multiple targets in Ukraine since January 2022.
“FBI, NSA, and CISA assess Unit 29155 is responsible for attempted coups, sabotage and influence operations, and assassination attempts throughout Europe,” CISA said in its advisory.
“Unit 29155 expanded their tradecraft to include offensive cyber operations since at least 2020. Unit 29155 cyber actors’ objectives appear to include the collection of information for espionage purposes, reputational harm caused by the theft and leakage of sensitive information, and systematic sabotage caused by the destruction of data.”
Unit 29155 has targeted organisations in NATO member nations in the US and Europe, as well as throughout the rest of Europe, central Asia, and Latin America.
“The activity includes cyber campaigns such as website defacements, infrastructure scanning, data exfiltration, and data leak operations,” CISA said.
“These actors sell or publicly release exfiltrated victim data obtained from their compromises. Since early 2022, the primary focus of the cyber actors appears to be targeting and disrupting efforts to provide aid to Ukraine.”