Russia has been focusing its cyber attacks on Ukraine rather than escalating attacks against the West in response to decisions by the US and UK to allow Ukraine to use long-range missiles on Russian territory.
In an interview with Computer Weekly, Paul Chichester, the director of operations at the National Cyber Security Centre (NCSC) within the Government Communications Headquarters (GCHQ), noted that Russia had not tactically used cyber attacks in response to increased military support for Ukraine.
While Russian cyber operations have been heightened since the start of the Ukraine conflict, their primary goal remains to support military operations on the Ukraine battlefield, Chichester explained.
Former NCSC CEO Ciaran Martin, who now serves as a director at the SANS Institute, mentioned that initial predictions of a widespread cyber campaign against the West following the Ukraine war have not materialized.
On a separate note, Chichester highlighted that the NCSC is closely monitoring attacks by the Chinese hacking group Salt Typhoon, which has targeted US telecom networks, potentially putting millions of people’s personal information at risk.
Chichester emphasized that the UK government is working collaboratively with telecom companies to enhance security regulations and technologies to fend off various potential cyber attacks.
Salt Typhoon
The NCSC is actively assessing the impact of the Salt Typhoon threat on the UK and remains vigilant in addressing any vulnerabilities that could be exploited by threat actors.
Moreover, there is a continuous exchange of information between the NCSC and telecom companies to explore effective security measures and technologies to mitigate cyber risks.
Attribution of attacks
Former NCSC CEO Martin emphasized the importance of disclosing the identity of nation-state hackers when known, unless there are compelling reasons not to do so.
Chichester highlighted that publicly identifying attackers can facilitate communication with companies to prompt necessary actions to enhance their security posture.
Attributions of cyber attacks serve various purposes, including building coalitions and increasing the political cost of such attacks, Chichester added.
Martin noted that attributions accompanied by court indictments naming individuals responsible for hacking operations can significantly bolster credibility and serve as a deterrent.
