Russia must do more to tackle cyber criminals which are operating from within in its territory, the UK’s Foreign Secretary Dominic Raab has warned.
In a speech at the National Cyber Security Centre’s (NCSC) CYBERUK 21 conference, Dominic Raab called out nation-state backed hacking campaigns by North Korea, Iran, Russia and China, who he accused of of using digital technology “to sabotage and steal, or to control and censor.”.
The UK, alongside the US called out Russia’s involvement in the SolarWinds supply chain hack which led to the compromise of several government agencies, technology firms and cybersecurity companies – but Raab argued that these states also need to take responsibility for cyber criminals operating within their borders.
For example, the Colonial Pipeline ransomware attack – which has disrupted fuel supplies across the US East Coast – was apparently carried out by cyber criminals using DarkSide ransomware-as-a-service – a ransomware group which like many others, is highly suspected to be operating out of Russia.
Some argue that Russia tolerates cyber criminals which attack targets in the West – so long as they stay away from Russian targets. Many of the most notorious ransomware gangs tailor the code of their malware to uninstall itself if it detects that the machine is set to the Russian language or has an IP address in a former Soviet nation.
Ransomware attacks have caused a great deal of disruption around the world – and Raab accused the Kremlin of sitting back as “industrial scale vandals of the 21st century” caused chaos from within its borders.
“When states like Russia have criminals or gangs operating from their territory, they can’t just wave their hands and say nothing to do with them – even when it’s not directly linked to the state, they have a responsibility to prosecute those gangs and those individuals, not to shelter them,” said Raab.
Cyber threats from nation-states, cyber criminals – and everything in between – will keep coming, but the Foreign Secretary said the UK is improving its capabilities when it comes to defending against cyber attacks.
“We’re getting better at detecting, disrupting and deterring our enemies. Acting with partners around the world, we name and shame the perpetrators,” said Raab.
“We did this last month with the SolarWinds attack, exposing the depth and the breadth of cyber activities by the Russian intelligence service, the SVR. And by revealing the tools and techniques malicious cyber actors are using, we can help our citizens and our businesses to see the signs early on and help them protect themselves from threats,” he added.
However, there’s no illusions that defending the UK from cyber threats will be an easy task.
“It’s is going to be a marathon, a war of attrition, but we will keep relentlessly shining a light on these predatory activities,” said Raab.
MORE ON CYBERSECURITY
- Ransomware: Don’t pay up, it just shows cyber criminals that attacks work, warns home secretary
- Congress confronts US cybersecurity weaknesses in wake of SolarWinds hacking campaign
- How do we stop cyber weapons from getting out of control?
- Colonial Pipeline attack reminds us of our critical infrastructure’s vulnerabilities
- Private firms can’t protect us from digital attacks. Government must step in