Russia is prepared to launch a wave of cyber attacks on Britain that could “turn out the lights for millions”, a Cabinet minister will warn at a Nato conference on Monday.
Vladimir Putin is willing and capable of triggering a “destabilising and debilitating” electronic strike on the UK, Pat McFadden will say.
Russia is “exceptionally aggressive and reckless in the cyber realm” and wants to gain a “strategic advantage and degrade the states that support Ukraine”, Mr McFadden, who oversees policy on national security and state threats, will warn.
The Chancellor of the Duchy of Lancaster will say there is an imminent risk of a Russian cyber attack on British infrastructure and businesses that could “shut down the power grids” and deal a hammer blow to the economy.
Addressing the Nato cyber defence conference in London on Monday, he will add that in the past year, the Russian military and its “unofficial army of cyber criminals and hacktivists” have “not just stepped up their attacks, but widened their targets to a number of Nato members and partners.
“In the UK, Russia has targeted our media, our telecoms, our political and democratic institutions and our energy infrastructure,” he will say.
“Military hard power is one thing. But cyber war can be destabilising and debilitating. With a cyber attack, Russia can turn the lights off for millions of people. It can shut down the power grids.”
The warning comes just days after Putin said that his military could target the UK in direct response to Ukraine’s use of British-made Storm Shadow missiles.
The Russian leader said that Russia had tested a new intermediate-range missile in a strike on Ukraine and that it could legitimately use the weapon against countries that had allowed their missiles to strike Russia, which include Britain and the US.
This embedded content is not available in your region.
Credit: Telegram / dnepr_operativ
Earlier this year, two NHS hospital trusts in London were hacked, causing the postponement of more than 800 planned operations and 700 outpatient appointments. The patients disrupted included those in need of cancer treatment and organ transplants.
The hack was thought to be the work of Qilin, a Russian cyber criminal gang. It took place via a ransomware attack on computers run by Synnovis, which provides pathology services to hospitals and GP surgeries.
Data published by the NHS in London showed that nearly 100 cancer treatments had to be postponed in a six-day period because of problems arising from the attack.
Last month, pro-Russian hackers claimed to have targeted several local councils. A group named NoName057(16) boasted that it had knocked the websites of the Salford, Bury, Trafford and Tameside councils out of use by flooding their websites with internet traffic.
‘Hacktivist’ threat
Mr McFadden will highlight the danger posed by “unofficial hacktivists” committing “increasingly frequent, and in some cases, increasingly sophisticated” attacks around the world.
“There are gangs of cyber criminals and mercenaries not directly under the Kremlin’s control, but who are allowed to act with impunity so long as they’re not working against Putin’s interests,” he will say.
“They recently targeted Nato’s Indo-Pacific partner South Korea in response to its monitoring of the deployment of North Korean troops to Kursk, where Russia is fighting Ukraine.
“And Russian state-aligned groups have taken responsibility for at least nine separate cyber attacks of varying severity against Nato states, including unprovoked attacks against our critical national infrastructure.
“These groups are unpredictable, they act with disregard for the potential geopolitical consequences, and with just one miscalculation could wreak havoc on our networks.”
He will say that Russia “won’t think twice about targeting British businesses” as Putin is “happy to exploit any gap in our cyber defences”.
Previous estimates have put the cost to the UK economy from cyber crime at £27 billion per year. Mr McFadden will meet business leaders this week, along with senior national security officials, to discuss how they can strengthen their defences against cyber attacks.
Ministers are drawing up legislation aimed at shoring up the UK’s defences against cyber attacks. The Cyber Security and Resilience Bill will strengthen regulators’ powers and force businesses to report attacks they currently brush under the carpet.
The Bill is expected to mandate that all providers of essential infrastructure understand and protect their supply chains from attack. The measures may also include improving the management of data on cyber attacks to learn lessons from previous hacks.
Ukraine used British-supplied Storm Shadow missiles in Russia for the first time this week. Joe Biden gave Kyiv the green light to use US-made long-range missiles inside Russia, paving the way for restrictions to be lifted on the UK’s Storm Shadows.