UK cyber chiefs warn organisations to guard against wave of Russian web attacks

The National Cyber Security Centre has issued a fresh warning to Government bodies, tech companies and financial institutions to ensure they are safe from Russian state-backed hackers

Top UK cyber security officials have issued a fresh alert to Government agencies, tech firms, and financial institutions, urging them to bolster their defences against Russian state-sponsored hackers.

In a joint advisory with US security agencies, the National Cyber Security Centre (NCSC) has revealed the latest tactics employed by Russia's foreign intelligence service, the SVR, to gather intelligence that could aid future cyber operations, including those related to the ongoing conflict in Ukraine.

The warning highlights the SVR's large-scale exploitation of cyber vulnerabilities, targeting two types of victims. The first of these are “targets of intent”, and include Government and diplomatic bodies, think tanks, tech companies, and financial institutions. The second are “targets of opportunity”, where the SVR scans internet systems to look for vulnerabilities that could be exploited.

UK organisations suspecting they have fallen victim to such Russian cyber attacks are advised to report to the NCSC. Paul Chichester, NCSC Director of Operations, cautioned: "Russian cyber actors are interested in and highly capable of accessing unpatched systems across a range of sectors, and once they are in, they can exploit this access to meet their objectives."

"All organisations are encouraged to bolster their cyber defences: take heed of the advice set out within the advisory and prioritise the deployment of patches and software updates."