A “whole of society” approach to cybersecurity is needed to protect the UK amid Russia’s war in Ukraine, a Government minister has said.
Chancellor of the Duchy of Lancaster Steve Barclay told the National Cyber Security Centre’s (NCSC) CyberUK conference in Newport, Wales, on Wednesday that Russia still poses a significant threat to the UK.
He said one major Russian-based organised crime cyber group has been behind failed ransomware attempts in the UK to steal personal data in order to exchange it for a ransom payment, with 53 victim reports in the past year.
Mr Barclay, the minister responsible for cybersecurity, said: “It is vital that we adopt a ‘whole of society’ approach to cybersecurity.
“It’s a job for us all. Preserving our core values of democracy and free speech while keeping people safe online – as we are doing through our Online Safety Bill – depends on the UK having robust cyber defences.
“We will achieve these by harnessing our collective strengths and acting as one. It is for this reason that our National Cyber Strategy treats the cyber domain no longer as a niche concern simply for the IT team – but as a wide-ranging grand initiative.
“Responsible, durable, effective cyber power cannot be achieved by government alone; we want to see industry, universities, schools and individual citizens getting involved.”
Also speaking at the conference, NCSC chief executive Lindy Cameron echoed that view, saying it was vital for cybersecurity experts to “empower everyone” and to “mobilise every individual to stand up for the collective safety of our community”.
“We need to help people develop that instinct for spotting digital duplicity,” she said.
“The threats are not going away – it will change but it won’t go away – and we must be savvy enough to respond to those changes.
“So we need to help people help themselves. That way we can build a well-prepared, resilient nation that sees the digital world as exciting, vibrant and rewarding, not scary, confusing and dull.”
Mr Barclay added that the “greatest cyber crime threat to the UK” will come from ransomware attacks – a form of malware that encrypts a victim’s files.
He continued: “While attempted attacks are concerning, we can draw positives. Our controls quickly spotted them. And in deploying rapid incident responses, we cull useful evidence to share with the wider sector, helping mitigate against similar-style attacks.
“By following cyber essentials guidance, we will all be better protected against attacks. Together, the whole of society can make the UK a responsible, democratic and well-protected cyber power – taking full advantage of the very best that cyber has to offer.”
On Wednesday, the UK and its cybersecurity partners in the US, Australia, Canada and New Zealand issued a joint advisory to IT service providers and their customers with guidance on how to protect themselves and their supply chains in the wake of Russia’s invasion of Ukraine.
The advisory encourages firms to adopt multi-factor authentication – an added layer of log-in security – and ensure that all software and operating systems were up-to-date as well as prioritising the patching of any known vulnerabilities.
It comes after Sir Jeremy Fleming said on Tuesday that the current “serious global economic situation” means “the need to make the UK the safest place to live and do business online is ever more relevant”.
He outlined our work to improve levels of cyber resilience in the United Kingdom.
— GCHQ (@GCHQ) May 10, 2022
The GCHQ director had said the UK must continue to focus on cyber criminals and other bad actors who are constantly adapting their tactics in an effort to make money through illegal activities.
He said the National Cyber Force (NCF) – a partnership between GCHQ and the Ministry of Defence – has been working to “disrupt” cyber crime and has done so on an “immense scale”.
He also warned the UK and other countries who are standing with Ukraine against Russia’s ongoing invasion must continue to boost their own cybersecurity capabilities.
He said GCHQ has seen indications that “Russia’s cyber operatives continue to look for targets in countries which oppose their actions”.
“There’s plenty of cyber about, including a range of activity we and partners have attributed to Russia,” he said.
“We’ve seen what looks like some spillover of activity affecting other countries.
“That’s why we have increased our efforts to ensure UK businesses and Government urgently improve levels of cyber resilience.
“And why, with our allies, we will continue to support Ukraine in shoring up their cyber defences.”