ISC Attributes Cyber-Attacks and Election Interference to Russia

Russia has been named as a “highly capable cyber-actor” by the UK government’s Intelligence and Security Committee.

Claiming that “the UK is one of Russia’s top Western intelligence targets,” particularly given the UK’s firm stance against recent Russian aggression and the UK-led international response to the 2018 Salisbury attack, the ISC warned that Russia’s intelligence services are disproportionately large and powerful and are able to act without constraint. This has allowed a fusion between state, business and serious and organized crime making Russia an all-encompassing security threat.

In terms of the cyber-threat, the ISC report stated that Russia employs organized crime groups to supplement its cyber-skills and carries out malicious cyber-activity in order to assert itself aggressively with democratic interference having “undertaken cyber pre-positioning on other countries’ Critical National Infrastructure.”

The report claimed: “Given the immediate threat this poses to our national security, we are concerned that there is no clear coordination of the numerous organizations across the UK intelligence community working on this issue; this is reinforced by an unnecessarily complicated wiring diagram of responsibilities amongst Ministers.”

The report acknowledged the work of former chair Dominic Grieve MP, and did welcome the government’s increasingly assertive approach when it comes to identifying the perpetrators of cyber-attacks. The ISC, chaired by Dr Julian Lewis MP, encouraged the UK to encourage other countries to adopt a similar approach to ‘naming and shaming’ cyber-adversaries.

The report also addressed the issues of democratic interference, saying “protecting it must be a ministerial priority, with the Office for Security and Counter-Terrorism taking the policy lead and the operational role sitting with MI5.” It also said while social media companies hold the key they are “failing to play their part,” so the government must establish a protocol with these companies to ensure that they take covert hostile state use of their platforms seriously, with agreed deadlines within which such material will be removed.

In particular, it accused the government of being slow to recognize the existence of the threat of democratic influence, stating it was only understood after the Democratic National Committee email breach. “As a result, the government did not take action to protect the UK’s process in 2016.”

Acknowledging an “obvious inherent tension between the government’s prosperity agenda and the need to protect national security,” particularly with political business interests with Russian organizations, the ISC said Russia “poses a tough intelligence challenge and our intelligence agencies must have the tools they need to tackle it.”

This should lead to new legislation to tackle foreign spies, with the Official Secrets Act declared “not fit for purpose."

“More broadly, we need a continuing international consensus against Russian aggressive action,” the ISC said. “Effective constraint of nefarious Russian activities in the future will rely on making sure that the price the Russians pay for such interference is sufficiently high: the West is strongest when it acts collectively, and the UK has shown it can lead the international response.

Ray walsh, digital privacy expert at ProPrivacy, said: “The Russia report finally published today by the UK government confirms what cybersecurity experts have been calling attention to for many years; that the Russian government and its state-employed hackers are engaging in active cyber-warfare against the West, which includes phishing attempts against government agencies, the deployment of covert exploits designed to steal top-secret information and activities designed to influence the democratic elections of other nations.

“The release of the Russia report – and its direct allegations against the Kremlin – indicate a shift by the UK government towards actively identifying and assigning blame to state-sponsored cyber-warfare performed by Russia, a move that reveals the urgency of the problem and the immediate threat it poses to the UK's national security.

“Now that the UK has attributed blame, it will be interesting to see how exactly the government proceeds and what it can do to prevent those activities and produce actual changes in light of the findings.”

Cath Goulding, CISO at Nominet, said: “One of the main recommendations of the report is to establish a central responsibility for a coordinated response to these threats, rather than a ‘hot potato’ approach with no one government body taking the lead. This is aligned with our recommendations for government security – which requires large-scale, national protective interventions, to bring their citizens, businesses and economies a more secure environment.

“This means that there needs to be a breadth of security across government, all the way down to the local level, which is consistent, cohesive and coordinated. This is critical to ensure a high level of security across all departments, with no weak spots for threat groups to exploit, and greater awareness of the threats facing the UK. Not only will this facilitate a stronger security posture, but also more opportunities for international collaboration to mitigate attacks against governments.”

What’s Hot on Infosecurity Magazine?