'The Russians have advanced their trade since NotPetya': Why UK business needs to reassess state-backed threats

Jonathan Wood, CEO and Founder, C2 Cyber


Jonathan Wood, an ex-government military professional and the CEO and Founder of C2 Cyber, explains why the combination of the pandemic and the escalating conflict in Ukraine could spell disaster for some UK organisations

UK-based organisations are more at risk than ever of cyber attack from Russia thanks to the effects of the Coronavirus pandemic and the escalating conflict in Ukraine.

That's the opinion of Jonathan Wood, ex-government military professional and the CEO and Founder of C2 Cyber.

Part of the issue, according to Wood, is that the workforce is now more likely to be geographically spread, with office-based working less common now than before the pandemic.

"Post-pandemic nobody cares where their workforce lives besides HMRC. Our own sales director for instance lives near Kiev. Then he saw a bunch of tanks go past his apartment window and decided to move back to Cobham."

He explained that we use our telephony infrastructure in the UK with little fear of being tapped, but this risk can be higher in other parts of the world, perhaps where some staff operate.

"We're seeing everyone behaving as if there's one set of rules but that's just not true out there. In some countries they might decide to put someone under surveillance. In Britain that needs the approval of the Home Secretary. In some countries it's simply up to the local police."

Wood also pointed to the increasingly casual use of consumer-grade communication tools for business.

"We're also seeing new communication tools being used all the time, like Telegram, Signal, WeChat. Are they safe? There is a threat there."

He cited the example of shipping firm Maersk which suffered a major ransomware attack in 2017.

"NotPetya found its way into Maersk via their Ukrainian accountancy partner. It was a small, family-run business which had a direct connection to Maersk via API, and it ended up taking their entire IT estate down completely. They ended up trying to run their operation over WhatsApp.

"They had to pay the attackers to get their data back so they'd know what was in their own containers.

"That was a few years ago, the Russians have advanced their trade since then."

Another example is the Florida water treatment plant which was hacked in February 2021. Hackers were able to connect to the plant's control functions online, and alter the chemical balance of a town's water supply.

"If that hadn't been caught people in the town would've died," said Wood. "They made it possible to remotely control the plant using [remote desktop software] TeamViewer, because they didn't want their engineers to have to physically visit the site during the pandemic.

"That's not a hack, that's the fault of the owners, the attackers didn't have to try very hard."

So how at risk is the UK given that most organisations based here suffer from similar issues; our staff often work remotely, we use all kinds of communication tools and everything's web-connected for convenience?

Wood believes the risks are real, but adds that new regulation is set to help the situation.

"It's important to scale vendor risk management. Now anyone regulated by the FCA needs to look further down their supply chains to see where their data is going, and check if it's secure. Previously you only had to check your direct partners, now you need to go down to the fourth and fifth layers. Is your data secure on that iPad that an intern working at a fourth party provider accidentally left on a train? Is it encrypted, does the device have two-factor authentication?

"Our factories, and elements of our critical national infrastructure, have been connected directly to the internet during the pandemic. Broadcasting over the internet without the right security is a bad idea, but the problem is that the right security is usually hardware made in Shenzhen. And over the last couple of years demand for those tools has well outstripped supply.

"It's a miracle we haven't had accidents caused by negligence let alone created by a malicious foreign power," Wood concluded.