Feeds

Minister warns of national grid hack threat

And theft of commercial secrets

The Essential Guide to IT Transformation

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

Security Minister Lord West of Spithead also said that state-sponsored hackers are attempting to infiltrate corporate networks to steal commercial secrets. Much of this could have been said at any time over the last four or five years, if not longer. But a number of more recent factors spice up the stew, including targeted Trojan attacks, vulnerabilities in the (now) internet-connected SCADA control systems that control power plants and recent high-profile cyber-attacks against Georgia and Estonia.

Threats to the UK's critical infrastructure are regularly assessed as part of the National Risk Register. The UK government reckons it's on top of the problem but that doesn't mean that there isn't any risk - especially to less cyber-savvy organisations - especially given the volume and sophistication of some attacks, the minister warned.

"If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system - I'd say in the thousands," said Lord West, The Telegraph reports. "Some are spotted instantly. Others are much, much cleverer."

The warning comes in the aftermath of skirmishes in cyberspace that accompanied the recent conflict on the ground between Russia and Georgia. Defacements and denial of service attacks against Georgia government websites have been linked to Russian state-run businesses and networks controlled by cyber-criminals who are usually busy sending out spam. The website of the South Ossetian government and Russian news agency RIA Novosti were also hit by attacks during the short-lived but fierce war over the disputed region of South Ossetia earlier this month.

Security watchers such as Arbor Networks report that the attacks were more intense but shorter than the assaults that floored the banking and government systems of Estonia last year. The Kremlin has denied state involvement while admitting some Russian nationals may have become involved in the attack.

Interest in dissecting the attacks and chatter on underground forums that preceeded them have sparked the creation of a group of sleuths by IntelFusion. The open-source efforts will look at the cold case of online conflict in Estonia as well as the more recent troubles in Georgia and attacks thought to have been run out of China. More details on the project can be found here. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.