The UK government has warned that cyber threat actors operating on behalf of the Russian regime have already orchestrated cyber attacks against UK media, telecoms, political and democratic institutions, and critical national infrastructure (CNI), and are poised to conduct even more devastating attacks.
“That is the hidden war Russia is waging in Ukraine, and in the last year, both the Russian military and its unofficial army of cyber criminals and hacktivists have not just stepped up their attacks, but widened their targets to a number of Nato members and partners. The aim is to gain a strategic advantage, to degrade the states that support Ukraine,” he said.
McFadden also called out Moscow's use of cyber criminal gangs and mercenary hacktivist operations that are not directly controlled by the Kremlin but are allowed to act with impunity as long as they don't act against Russia's interests.
He revealed that such gangs had targeted the South Korean state in response to its monitoring of Russia's deployment of North Korean troops to the Kursk region of Ukraine,
“Russian state-aligned groups have taken responsibility for at least nine separate cyber attacks of varying severity against Nato states, including unprovoked attacks against our critical national infrastructure,” said McFadden.
“The activity of these groups isn't something new, or something that has just been happening in recent months. They are unpredictable; they act with disregard for the potential geopolitical consequences and, with just one miscalculation, could wreak havoc.
“The UK and others in this room are watching Russia. We know exactly what they are doing, and we are countering their attacks both publicly and behind the scenes. We know from history that pleasing dictators engaged in aggression against their neighbors only encourages them. Britain learned long ago the importance of standing strong in the face of such actions.”
Unhelpful language
Jamie MacColl, cyber research fellow at the Royal United Services Institute (RUSI) think tank, said McFadden's speech represented a rhetorical escalation in how Westminster approaches cyber operations, and at times veered into the kind of hyperbole that has not been seen from a sitting government minister “since [former Conservative minister] Gavin Williamson said that a cyber attack could kill thousands”.
The suggestion that Russia 'can turn the lights off for millions' is not grounded in reality … This kind of language does Russia's job for it, given Russian intelligence wants to create panic and weaken societal resilience through cyber operations.
Jamie MacColl, Royal United Services Institute
,[It] is likely intended to signal the seriousness of the Russian cyber threat to Nato partners, as well as UK critical national infrastructure providers and businesses that need to harden their cyber defenses…. This speech is likely intended to galvanize action within the alliance, particularly among allies who may be less inclined to take the Russian threat seriously,” MacColl told Computer Weekly via email.
However, he continued, McFadden risked veering into outright hyperbole which was not necessarily helpful.
“The suggestion that Russia 'can turn the lights off for millions' is not grounded in reality and likely reflects a misunderstanding of the kind of effects that offensive cyber operations can achieve,” he said. “This kind of language also does Russia's job for it, given Russian intelligence wants to create panic and weaken societal resilience through cyber operations.
“Resisting Russian cyber attacks requires psychological as well as cyber resilience, and this rests on clear and calm rhetoric and guidance from the government. The new Labor government is on a learning curve with cyber security after 14 years out of office – it needs to make sure it has political advisers and speechwriters that understand the reality of cyber operations and cyber security,” McFadden added.
James Sullivan, who directs RUSI's Cyber Research work, added that talk of doomsday scenarios such as a nationwide power cut in the deep midwinter risked damaging public trust in public services. He called on the new government to reconnect with the public about why cyber security really matters, saying that disaster movie scenarios missed the more nuanced reality that cyber incidents cause much more “gradual and insidious” harm.
AI lab
During his speech, McFadden also revealed that the government will be backing a new artificial intelligence (AI) cyber lab with £8.22m of public money to give the UK an advantage in the so-called “AI arms race”.
The proposed Laboratory for AI Security Research (LASR) will bring together world-class industry, academic and government experts to assess the impact of AI on national security and help exploit its potential to create better defensive tools and enhance the work of the intelligence community.
Besides government departments including the Foreign, Commonwealth and Development Office (FCDO), the Department for Science, Innovation and Technology (DSTI), GCHQ and the National Cyber Security Center (NCSC), and the Ministry of Defense (MoD) Science and Technology Laboratory , the new project will also draw on the Alan Turing Institute, the University of Oxford and Queen's University Belfast, and cyber incubator Plexal. Foreign partnerships are being sought from within the Five Eyes alliance and the rest of Nato.
AI's strength lies in its ability to analyze massive datasets. This very strength can be turned against us
Spencer Starkey, SonicWall
McFadden also announced a £1m investment in incident response to share expertise so that the UK's allies can better respond to cyber attacks on their institutions.
Stephen Doughty, minister for Europe, North America and UK Overseas Territories, said: “AI has enormous potential. To ensure it remains a force for good in the world, we need to understand its threats and its opportunities.
“LASR builds on the UK's position as the global birthplace of modern computing, following the pioneering legacy of Alan Turing. It is part of the government's wider work to improve the UK's cyber defenses and grow the economy, which includes the upcoming Cyber Security and Resilience Bill and recent designation of datacentres as critical national infrastructure,
SonicWall's Spencer Starkey, executive vice-president of EMEA, said: “While artificial intelligence offers exciting possibilities for bolstering cyber security, its potential for exploitation by malicious actors shouldn't be ignored. AI's strength lies in its ability to analyze massive datasets. This very strength can be turned against us. In the present day, our approach to cyber security involves developing solutions that counteract cyber attacks. However, should these attacks evolve and multiply exponentially due to the advent of artificial intelligence, our strategy must also adapt.
“The most effective method to safeguard our systems in this scenario would be to leverage AI to compete against its own potential threats in real time. This perspective introduces a novel concept: a cyber security landscape where AI engages in a continuous battle against cyber threats. Unlike traditional warfare, this battlefield knows no seasons or holidays; it is a relentless, 24/7 endeavor to protect our digital assets.”
