The last two years have seen a rising cyber threat to the UK from states such as Russia and North Korea, the head of an agency tasked with protecting the country from hi-tech assaults has warned.
And the chief executive of the National Cyber Security Centre, Ciaran Martin, said that organised criminals have created a market in techniques such as data mining, giving access to such tools to a wider range of nations.
Targets for disruption by Russia have spread beyond the UK’s “hard infrastructure” such as energy networks to include democratic institutions and the media, he told the parliamentary Joint Committee on National Security Strategy.
And senior Cabinet minister David Lidington said that last year’s WannaCry ransomware attack, which paralysed computers across the NHS, had brought home the need for UK authorities to “get a greater grip” on the vulnerabilility of critical infrastructure.
Mr Martin told MPs and peers: “In the last two years, we have seen a consistent rise in the appetite for attack from Russia on critical sectors, as well as diversification to other sectors they may attack.
“In addition to the more traditional targeting of hard infrastructure, like energy infrastructure, we have seen against the West as a whole the targeting of softer power – democratic institutions, media institutions and things relating to freedom of speech.”
He added: “We have seen a diversification by North Korea away from what might be called political retaliation attacks into, frankly, the theft of money, which is what we believe was behind the WannaCry attack.”
Mr Martin said that cyber-crime had evolved in recent years to the point where the most sophisticated gangs were “operating almost at national state level”.
“There is a highly developed market in cyber-attack tools and techniques,” he explained.
“Things like money laundering capabilities and data mining capabilities, so states of more modest means can acquire those capabilities.”
Mr Lidington, who is effectively deputy to Prime Minister Theresa May, told the committee: “What we are seeing is a range of cyber threats from both nation states and cyber criminals, a rising level of threat with more frequent and more complex attacks and more sectors that we can identify as being at risk.
“Last year we saw attacks on CNI (critical national infrastructure) in the health, media, telecoms and energy sectors. We have become more aware in the last two years of the potential vulnerability of CNI supply chains as a target for attack.”
Mr Lidington said that attacks like WannaCry showed the vulnerability of networked computers to even a small-scale breach, like the insertion of an infected memory stick into a single machine.
“It is important we get a greater grip on these supply chains,” he said.
“We have also started to become even more aware than we were two years ago of the capacities of certain state actors and their readiness to use that cyber capability.”