Russian cyberattacks an 'urgent threat' to national security

The long-delayed report says Russia has gained access to critical national infrastructure and conducted phishing attacks against government.
Written by Steve Ranger, Global News Director

Russia's cyberattack capabilities -- and its willingness to use them -- pose an "immediate and urgent threat" to the UK's national security, according to a report from a committee of MPs.

The long-awaited and much-delayed Russia report from the UK parliament's Intelligence and Security Committee (ISC) describes how it sees Russia's abilities to use malicious cyber activities to further its aims.

"Russia's cyber capability, when combined with its willingness to deploy it in a malicious capacity, is a matter of grave concern, and poses an immediate and urgent threat to our national security," the report said.

SEE: How to become a cybersecurity pro: A cheat sheet (TechRepublic)

The ISC said that Russia carries out malicious cyber activity in order to assert itself aggressively -- by attempting to interfere in other countries' elections, for example -- and that it has used organised crime groups to supplement its own in-house cyber skills.

The report warned that Russia's hackers have been gaining access to the critical national infrastructure of other countries, which could later be used to disruptive effect. The report noted that there had been Russian cyber intrusion into the UK's critical infrastructure, although details of the affected sectors have been redacted.

The report also said that Russian intelligence has orchestrated phishing attempts against government departments, including against the Foreign & Commonwealth Office (FCO) and the Defence Science and Technology Laboratory. Separately, Russia has recently been accused of attempting to hack into companies working on COVID-10 vaccine research.

"Given the immediate threat this poses to our national security, we are concerned that there is no clear coordination of the numerous organisations across the UK intelligence community working on this issue", the report said.

However, the report did note that the government is taking a new approach to tackling these attacks, which involves identifying, and laying blame on, the perpetrators of cyberattacks. While the UK has historically been reticent in attributing cyberattacks to a particular foreign power, naming and shaming attackers is correct, the committee said: "This must be the right approach; there has to now be a cost attached to such activity."

SEE: Russia says Germany has not provided any evidence of Bundestag hack

The report also mentioned other digital tools used by Russia as part of its broader attempts at disinformation and political influence, such as the use of bots and trolls, which are used to push a particular narrative or simply to create disruption. Another technique the report mentions is 'hack and leak', which was used in relation to the US presidential election in 2016; it has also been widely alleged that Russia was responsible for a similar attack on the French presidential election in 2017. Russia has denied any involvement in these events. "Russia has not and will never interfere in the internal affairs of the United Kingdom, especially in the context of democratic elections," Russia' UK embassy said recently.

But the UK was slow to respond to the changing Russian strategy; it was only when Russia completed its 'hack and leak' operation against the Democratic National Committee in the US -- with the stolen emails being made public a month after the EU referendum -- that it appears that the government "belatedly" realised the level of threat that Russia could pose in this area, the report said.

Editorial standards