Evening Telegraph

Protective measures introduced to tackle ‘serious and sustained’ Russian threat

Britain has put in place a number of “protective” measures to guard against Russian cyber activity in the wake of the Salisbury attack, a senior intelligence official has disclosed.

Ciaran Martin, chief executive of the National Cyber Security Centre, said Russia poses a “serious and sustained” threat that pre-dates the nerve agent poisoning earlier this year.

He said: “We’ve been on heightened alert since the horrors of Salisbury and have put in place various protective measures.

“I can’t really go into the detail of the day-to-day intelligence picture of what we are spotting, but let me be clear – we remain on high alert.

“Russia has been a serious threat to our cyber security interests for a considerable period of time and continues to be so.”

Mr Martin noted Russia has tended to target “critically important” national assets rather than mounting “consumer or citizen-facing” attacks.

The UK’s relationship with Moscow has been in crisis since former spy Sergei Skripal and his daughter were left critically ill after being poisoned with the nerve agent Novichok in March.

Last week, police investigating the attack identified two Russian nationals, said to be operatives of the country’s GRU military intelligence service, as suspects.

The revelation sparked suggestions that the UK could mount retaliatory cyber strikes.

Mr Martin told BBC Radio 4’s Today programme: “Let’s not get too hung up on the cyber dimension to the Government’s response.

“There’s a full range of tools available to the state. And you would never comment on sources and methods that might be used by intelligence services because, naturally, that detail is sensitive.”

The NCSC, which is part of intelligence agency GCHQ, was established in October 2016 to spearhead efforts to counter the mounting danger from cyber-criminals and hostile states.

Mr Martin said: “Our job is to make the UK the hardest target possible and the most resilient target possible – whether that’s from a Russian attack, another state attack, or from criminal groups who are going to damage the economy.”

He emphasised that the Russian cyber threat is only one part of a multi-dimensional risk picture.

In its first year, the NCSC registered 590 “significant” cyber incidents across the UK. Attack targets included key national institutions, businesses and other organisations.

Mr Martin said cases range from “deeply covert” hostile state acts to criminal attacks that, while not particularly sophisticated, can have “huge public impact”.

On Wednesday, the centre published new guidance for corporate leaders to equip them with the basic technical details necessary to understand the threats their firms face in cyber space.

The NCSC recommends that boards ask five questions about their company’s IT security: How do we defend our organisation against phishing attacks? What do we do to control the use of our privileged IT accounts?  How do we ensure that our software and devices are up to date? How do we ensure our partners and suppliers protect the information we share with them? And what authentication methods are used to control access to systems and data?