Newly detected state-aligned groups are often sympathetic to Russia’s invasion of Ukraine and are ideologically, rather than financially, motivated. Credit: REDPIXEL.PL/Shutterstock The UK National Cyber Security Centre (NCSC) has issued an alert to critical national infrastructure (CNI) organisations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia’s invasion of Ukraine. The alert states that newly emerged groups could launch “destructive and disruptive attacks” with less predictable consequences than those of traditional cybercriminals, with CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened.The alert was issued on the first day of the NCSC’s CYBERUK conference in Belfast, where experts have gathered to consider topics under the theme of securing an open and resilient digital future. It also comes in the same week as new research that revealed the cost-of -living crisis could trigger a surge in cyberattacks and security issues impacting the UK’s CNI sector.New class of Russian cyber adversary ideologically, rather than financially motivatedOver the past 18 months, a new class of Russian cyber adversary has emerged, the NCSC wrote. These state-aligned groups are often sympathetic to Russia’s invasion and are ideologically, rather than financially, motivated. “Although these groups can align to Russia’s perceived interests, they are often not subject to formal state control, and so their actions are less constrained and their targeting broader than traditional cybercrime actors. This makes them less predictable,” the NCSC said. While activity of these groups often focuses on DDoS attacks, website defacements, or the spread of misinformation, some have stated a desire to achieve a more disruptive and destructive impact against western CNI, including in the UK, according to the NCSC. “We expect these groups to look for opportunities to create such an impact, particularly if systems are poorly protected.” The threat actors may also become more effective over time, so businesses must act now to manage the risk against successful future attacks, the NCSC said. CNI organisations urged to take sensible, proportionate steps to protect themselves“It has become clear that certain state-aligned groups have the intent to cause damage to CNI organisations, and it is important that the sector is aware of this,” said Dr. Marsha Quallo-Wright, NCSC deputy director for CNI. “In the wake of this emerging threat, our message to CNI sectors is to take sensible, proportionate steps now to protect themselves.The NCSC recommends that organisations implement measures described in actions to take when the cyberthreat is heightened, particularly the NCSC advice on secure system administration. Larger organisations could benefit from using the Cyber Assessment Framework (CAF) to help them identify areas for improvement. As if the security risks posed to UK CNI aren’t already significant enough, a new report has revealed the potential CNI security implications of economic hardship including insider threats, social engineering attacks, and reduced cyber budgets. The Cyber Security in Critical National Infrastructure Organisations: 2023 report found that over a third (34%) of organisations across UK CNI anticipate a rise in cybercrime as a direct result of the current economic crisis, with almost two-thirds (65%) of respondents having seen some reduction or a significant reduction in their organisation’s cybersecurity budget this year. Related content news Dell data breach exposes data of 49 million customers The company says the breach compromised non-critical customer data and involved no sensitive personal or financial information. By Shweta Sharma May 10, 2024 3 mins Data Breach Hacking feature Social engineering: Definition, examples, and techniques Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data. Train yourself to spot the signs. By Josh Fruhlinger May 10, 2024 15 mins Phishing Social Engineering feature Some strategies for CISOs freaked out by the specter of federal indictments Experts at this year's RSA Conference offered strategies to help CISOs cope with the prospect of facing federal indictments over their handling of cyber incidents. By Cynthia Brumfield May 10, 2024 7 mins CSO and CISO Legal Security Practices interview Strong CIO-CISO relations fuel success at Ally CIO Sathish Muthukrishnan and CISO Donna Hart have forged a partnership steeped in Ally’s culture of radical candor that keeps the financial services firm secure and innovative. By Dan Roberts May 09, 2024 9 mins CIO CSO and CISO IT Leadership PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe