UK threatens to name and shame state backers of cyber-attacks

Owen Bowcott Legal affairs correspondent
Updated
Jeremy Wright
Jeremy Wright QC, the attorney general, is calling for sanctions to be applied against countries that exploit cyberspace for illegal purposes. Photograph: Mark Thomas/Rex/Shutterstock

Britain will name and shame foreign states that hire hackers to carry out cyber-attacks or interfere via the internet in national elections, the attorney general is to warn.

In a speech referring to Russian and North Korean “campaigns of intrusion”, Jeremy Wright QC will call for international sanctions to be applied against countries that exploit cyberspace for illegal purposes.

“If it would be a breach of international law to bomb an air traffic control tower with the effect of downing civilian aircraft, then it will be a breach of international law to use a hostile cyber operation to disable air traffic control systems which results in the same, ultimately lethal, effects,” Wright will tell an audience at Chatham House in central London.

His comments, which follow an FBI inquiry into alleged Russian interference in the 2016 US presidential election, are intended to deter hacking attacks from abroad and attempts by foreign states to influence domestic politics.

Wright is keen to ensure that international law keeps up with the rapid pace of technological development and that the international community does not let cyberspace degenerate into a “lawless world”.

He will say the UK is prepared to identify states that recruit proxy actors or hackers to disguise the source of online attacks. Countries targeted have a right to take necessary and proportionate action to stop them, he will say.

The WannaCry ransomware incident last year, which affected the NHS, was attributed by the UK and its allies to North Korean-sponsored hackers.

The new National Cyber Security Centre has a mandate to protect the UK’s interests in cyberspace. In the past year it identified on average 4.5m malicious emails per month. The UK government has said it is investing £1.9bn in cybersecurity.

Other cyber-attacks in which the UK has named and shamed state actors include the hack and leak of Democratic National Committee emails in the run-up to the US election.

This year Britain blamed the Russian military for the NotPetya ransomware attack, which started in the Ukraine and spread around the world.

In April, the National Cyber Security Centre, the US Department for Homeland Security and the FBI issued a joint statement saying there had been an extensive and sustained Russian campaign of intrusions into the internet infrastructure of the UK and the US.

  • Up next
  • Up next
  • Up next
  • Up next

Latest stories