Feeds

Minister warns of national grid hack threat

And theft of commercial secrets

Beginner's guide to SSL certificates

A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.

Security Minister Lord West of Spithead also said that state-sponsored hackers are attempting to infiltrate corporate networks to steal commercial secrets. Much of this could have been said at any time over the last four or five years, if not longer. But a number of more recent factors spice up the stew, including targeted Trojan attacks, vulnerabilities in the (now) internet-connected SCADA control systems that control power plants and recent high-profile cyber-attacks against Georgia and Estonia.

Threats to the UK's critical infrastructure are regularly assessed as part of the National Risk Register. The UK government reckons it's on top of the problem but that doesn't mean that there isn't any risk - especially to less cyber-savvy organisations - especially given the volume and sophistication of some attacks, the minister warned.

"If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system - I'd say in the thousands," said Lord West, The Telegraph reports. "Some are spotted instantly. Others are much, much cleverer."

The warning comes in the aftermath of skirmishes in cyberspace that accompanied the recent conflict on the ground between Russia and Georgia. Defacements and denial of service attacks against Georgia government websites have been linked to Russian state-run businesses and networks controlled by cyber-criminals who are usually busy sending out spam. The website of the South Ossetian government and Russian news agency RIA Novosti were also hit by attacks during the short-lived but fierce war over the disputed region of South Ossetia earlier this month.

Security watchers such as Arbor Networks report that the attacks were more intense but shorter than the assaults that floored the banking and government systems of Estonia last year. The Kremlin has denied state involvement while admitting some Russian nationals may have become involved in the attack.

Interest in dissecting the attacks and chatter on underground forums that preceeded them have sparked the creation of a group of sleuths by IntelFusion. The open-source efforts will look at the cold case of online conflict in Estonia as well as the more recent troubles in Georgia and attacks thought to have been run out of China. More details on the project can be found here. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.