Minister warns of national grid hack threat
And theft of commercial secrets
A UK government minister has warned that cyber-terrorists were attempting to take out the national grid.
Security Minister Lord West of Spithead also said that state-sponsored hackers are attempting to infiltrate corporate networks to steal commercial secrets. Much of this could have been said at any time over the last four or five years, if not longer. But a number of more recent factors spice up the stew, including targeted Trojan attacks, vulnerabilities in the (now) internet-connected SCADA control systems that control power plants and recent high-profile cyber-attacks against Georgia and Estonia.
Threats to the UK's critical infrastructure are regularly assessed as part of the National Risk Register. The UK government reckons it's on top of the problem but that doesn't mean that there isn't any risk - especially to less cyber-savvy organisations - especially given the volume and sophistication of some attacks, the minister warned.
"If you take the whole gamut of threats, from state-sponsored organisations to industrial espionage, private individuals and malcontents, you're talking about a remarkable number of attempted attacks on our system - I'd say in the thousands," said Lord West, The Telegraph reports. "Some are spotted instantly. Others are much, much cleverer."
The warning comes in the aftermath of skirmishes in cyberspace that accompanied the recent conflict on the ground between Russia and Georgia. Defacements and denial of service attacks against Georgia government websites have been linked to Russian state-run businesses and networks controlled by cyber-criminals who are usually busy sending out spam. The website of the South Ossetian government and Russian news agency RIA Novosti were also hit by attacks during the short-lived but fierce war over the disputed region of South Ossetia earlier this month.
Security watchers such as Arbor Networks report that the attacks were more intense but shorter than the assaults that floored the banking and government systems of Estonia last year. The Kremlin has denied state involvement while admitting some Russian nationals may have become involved in the attack.
Interest in dissecting the attacks and chatter on underground forums that preceeded them have sparked the creation of a group of sleuths by IntelFusion. The open-source efforts will look at the cold case of online conflict in Estonia as well as the more recent troubles in Georgia and attacks thought to have been run out of China. More details on the project can be found here. ®
Sponsored: Customer Identity and Access Management