By David Young-
British officials have sounding the alarm over the widespread abuse of surveillance software and hackers-for-hire, targeted each year by an industry they described as posing an increasingly unpredictable threat.
The National Cyber Security Centre (NCSC), a branch of GCHQ, published a report on Wednesday warning of the “rising threat” to individuals and organisations from commercial spyware tools as it warned of a menacing market believed to be mainly perpetrated by Russians
AD: Capeesh Restaurant
The NCSC said more than 80 foreign states have already purchased hacking software over the past decade, with some using it to target journalists, businesses, human rights activists, political dissidents and government officials.
“There is another new front opening, as we see more and more adversaries able to buy and sell sophisticated cyber tools and spyware like Pegasus,” senior British minister Oliver Dowden told an NCSC conference in Belfast on Wednesday, referring to spyware made by Israel’s NSO Group.
“These are the types of tools that we used to only see in a handful of powerful state actors, and which can cause serious damage,” Dowden added.
AD: Oysterian Sea Food Restaurant And Bar
In a statement, NSO repeated its longstanding assertion that its technology was used “for the sole purpose of fighting crime and terror”.
Other alleged dangers have been highlighted by researchers too. On Tuesday, Canadian internet watchdog group Citizen Lab published a report which said that NSO had been caught using newly discovered hacking tools to break into iPhones belonging to Mexican human rights defenders in 2022.
The NCSC also warned about hackers-for-hire, mercenary spies whose activities it said “raise the likelihood of unpredictable targeting or unintentional escalation”.
The report comes as some in the surveillance industry see regulation coming down the pipe and are taking steps to try to shape it.
In a letter sent last week to the American Bar Association, NSO General Counsel Shmuel Sunray lobbied against a proposed ABA resolution calling for a moratorium on the purchase, sale or use of commercial spyware, arguing that companies with an “established human rights compliance programme” – which NSO says it has – should be exempted from any such ban.
The intelligence body warned that the grey market will “almost certainly” expand over the next few years as hacking tools become more readily available, making it easier for foreign states such as Russia and China and rogue actors to target UK cybersecurity.
Jonathon Ellison, director of resilience at the NCSC, said this would “have a profound impact on the threat landscape” over the next five years, with attacks on individuals more frequent and “unpredictable”.
He said the UK “should expect to see high-profile exposures of victims”, with thousands of people already targeted every year as major hacking networks operate “at scale”.
It comes after Cabinet Office minister, Oliver Dowden, warned earlier on Wednesday that rogue Russian hacker groups are preparing to “disrupt or destroy” critical British infrastructure.
Related Article
Russia may already be sabotaging UK targets in North Sea, says security expert
WORLD
Russia may already be sabotaging UK targets in North Sea, says security expert
Read More
Speaking at the Cyber UK conference in Belfast, Mr Dowden likened the Russian operators to the Kremlin-linked Wagner Group of mercenaries, warning that “these [cyber] adversaries are ideologically motivated, rather than financially motivated”.
The Chancellor of the Duchy of Lancaster issued a “call to arms” to businesses to strengthen their security, as he announced plans to set “ambitious cyber resilience targets” for all critical national infrastructure sectors to meet within two years.
“A bricks-and-mortar business wouldn’t survive if it left the back door open to criminals every night. Equally in today’s world, businesses can’t afford… to leave their digital back door open to cyber crooks and hackers,” he said.
The NCSC has warned that the hacking marketplace is quickly becoming flooded with “off-the-shelf” spyware products and a growing number of hackers-for-hire — cyber experts who are paid to covertly infiltrate personal and company equipment to acquire information.
An investigation by the Sunday Times and the Bureau of Investigative Journalism last year revealed that hackers based in India were targeting British businesses, government officials and journalists at the behest of private investigators linked to the City of London.
Chris Mason, the BBC’s political editor, and former chancellor Philip Hammond were among senior public figures targeted. Mr Mason reportedly had his personal computer devices hacked just three weeks after being appointed by the BBC, while Mr Hammond was targeted whilst dealing with the fallout of Russia’s Novichok poisonings in Salisbury.
But whilst state-sponsored hacking continues to stoke concern, ransomware attacks by criminals remain the biggest threat to British national security and businesses, according to the NCSC.
Ransomware attacks usually paralyse a target’s computer networks until a payment is made, with most of the criminal groups responsible based in and around Russia, the organisation said.
Russian-linked cyber criminals earlier this year published vast swathes of stolen Royal Mail data on the dark web after the company refused pay a £65.7m ransom fee.
LockBit, a ransomware group based in Russia, claimed to have released the personal details of more than 200 postal workers after Royal Mail failed to respond.
Royal Mail said it believed “the vast majority of this data is made up of technical programme files and administrative business data” and that no employee details had been compromised.
AD: Heritage And Restaurant Lounge Bar