Millions of companies across Britain were today warned to prepare for a Russian cyber attack as the UK placed sanctions on three wealthy allies of Vladimir Putin and five banks in response to the ‘renewed invasion’ of Ukraine.
GCHQ’s National Cyber Security Centre (NCSC) urged UK organisations to ‘bolster their online defences’ and warned that there has been an ‘historical pattern of cyber attacks on Ukraine with international consequences’.
Ukrainian banking and government websites were last week briefly knocked offline by a spate of distributed denial of service (DDoS) attacks which the US and Britain said were carried out by Russian military hackers – something the Russians denied. This will prompt concerns that the same sort of attack could now be attempted in the UK.
Defence Secretary Ben Wallace also said the UK will launch retaliatory cyber attacks on Russia if it targets Britain’s computer networks, and that ‘offensive cyber capability’ was being developed from a base in North West England.
It comes after Home Secretary Priti Patel warned over the weekend that the UK Government expects to see ‘cyber attacks aimed at the West’, while NCSC chief executive Lindy Cameron told of a ‘heightened cyber threat’.
And in recent weeks the Financial Conduct Authority watchdog has written to the chief executives of UK banks warning them to brace for Russian-sponsored cyber attacks and to ensure their security systems are updated.
But former NCSC chief executive Ciaran Martin has also urged calm, saying that there is no reason for people in Britain to be ‘cowering in bunkers over fear of cyber attacks’ – and planes would not start to ‘fall from the sky’.
Meanwhile six European Union countries were today sending a team of cybersecurity experts to Ukraine to help deal with cyber threats, after Russia formally recognised two breakaway regions in eastern Ukraine.
An NCSC spokesman said: ‘Following Russia’s further violation of Ukraine’s territorial integrity, the National Cyber Security Centre has called on organisations in the UK to bolster their online defences. The NCSC – which is a part of GCHQ – has urged organisations to follow its guidance on steps to take when the cyber threat is heightened.
Defence Secretary Ben Wallace (pictured at a meeting today of the defence ministers of the Joint Expeditionary Force nations at Belvoir Castle in Leicestershire) said the UK will launch retaliatory cyber attacks on Russia if it targets Britain’s networks
Prime Minister Boris Johnson (left) returns to Downing Street in Westminster today after warning that Russian President Vladimir Putin (right, pictured at the Kremlin in Moscow yesterday) is bent on ‘a full-scale invasion of Ukraine’
GCHQ’s National Cyber Security Centre (NCSC) urged UK organisations to ‘bolster their online defences’ in a statement today
‘While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine with international consequences. The guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack.’
Lithuania, Netherlands, Poland, Estonia, Romania, Croatia are sending a team of experts set up to help other EU countries, institutions and partners to cope with cyber threats, in response to a request from Ukraine.
Lithuania’s Deputy Defence Minister Margiris Abukevicius said: ‘Ukraine might need help to deal with particular incidents or support to test their infrastructure looking for security weakness.’
Yesterday, Ukrainian Foreign Minister Dmytro Kuleba said that Russia had been using hybrid tactics to ‘escalate the situation’.
‘We see disinformation campaigns, we see cyber attacks. We see open fakes distributed about Ukraine, and we see increased military activity,’ Mr Kuleba told reporters in Brussels.
Ukrainian cybersecurity bodies have warned of impending attacks, with a couple of major attacks on government websites recently observed.
Mr Kuleba called on the EU to take decisions that would ‘send clear messages to Russia that its escalation will not be tolerated and Ukraine will not be left on its own.’
‘This includes not only political messaging, political signals, but also some very specific acts like supporting the development of our defence sector, supporting Ukraine’s cybersecurity, imposing some of the sanctions,’ he added.
Russian military hackers were behind a spate of distributed denial of service (DDoS) attacks that briefly knocked Ukrainian banking and government websites offline, the US and the UK both said last Friday.
But Russia has denied any role in the DDoS, which inflicted relatively limited disruption on Tuesday last week.
A Foreign, Commonwealth and Development Office spokesman said last Friday: ‘The UK government judges that the Russian Main Intelligence Directorate (GRU) were involved in this week’s distributed denial of service attacks against the financial sector in Ukraine.
‘The attack showed a continued disregard for Ukrainian sovereignty. This activity is yet another example of Russia’s aggressive acts against Ukraine.
‘This disruptive behaviour is unacceptable – Russia must stop this activity and respect Ukrainian sovereignty. We are steadfast in our support for Ukraine in the face of Russian aggression.’
Russian armoured vehicles are pictured today in Rostov-on-Don on the Russian side of the Ukrainian border
US ambassador to the UN Linda Thomas-Greenfield leads international condemnation of Russia at an emergency session of the UN security council convened in New York yesterday after he recognised parts of eastern Ukraine as independent
Mr Wallace said this week that UK cyber experts are working with Ukraine to help to protect it from Russian activity.
And Labour’s Hilary Benn, MP for Leeds Central, today asked Mr Wallace in the Commons about sanctions in relation to cyber attacks.
He said: ‘Can he tell the House what the Government’s response would be if the action taken by Russia say took the form of a no-fly zone over Ukraine or blockading of its ports or repeated and significant cyber attacks on Ukrainian institutions and Governments. In those circumstances would the Government respond with the full sanctions it’s obviously been discussing?’
Mr Wallace replied: ‘I think he is absolutely right. Many of these aggressive moves like a no-fly zone, in other words the threatening of the integrity of that sovereign state, a blockade to free trade would absolutely warrant a response ranging from sanctions and others.
‘I think we would look at it at the time, but absolutely I agree with him… Russia should be under no illusion that threatening the integrity of a sovereign nation whether that’s in the air or on the sea is exactly the same as threatening it on the land.’
Also in the Commons today, the Labour MP for Knowsley, Sir George Howarth, said: ‘For over a decade Russia has been mounting cyber attacks on our critical national infrastructure and commercial infrastructure. For over a decade and there were no consequences.
‘For over a decade Russia has been swirling dirty money around the City of London with no consequences.
‘In order for Vladimir Putin to understand that he has now gone too far, he needs to be certain that if sanctions and diplomatic means don’t succeed, then there will be consequences. Can the Prime Minister agree with me that those consequences need to be still on the table and Vladimir Putin needs to understand that they will be used?’
Prime Minister Boris Johnson replied: ‘We need to make it absolutely clear to Russia that as a result of this venture, this ill-conceived and disastrous venture in Ukraine, his country will end up, as I have said, poorer, more encircled by Nato, and engaged in a disastrous conflict with fellow Slavs – and a pariah state.
‘That is what President Putin is willing on his people, a pariah state.’
And Liberal Democrat MP Jamie Stone told the Commons yesterday: ‘We should be clear; if Russia invades Ukraine, massive sanctions will rightly be placed on Russia, and if that happens, we can expect a salvo of cyber attacks on the United Kingdom.’
Urging calm over cyber attacks yesterday, Mr Martin told the i: ‘People are worried that a cyber attack could cause planes to fall from the sky, but to gain a covert presence and control of an air traffic control system without anybody noticing, through all its safety overrides and bring a plane crashing down would be incredibly hard and would take ages.
‘Secondly, any air traffic control system worthy of the name would have a plan to deal with the total collapse of the system – countries model this sort of thing all the time.’
He continued: ‘No one should be cowering in a banker over fear of a cyberattack, but the chances of accidental contamination or an even more permissive attitude to some pretty damaged Russian-based cyber crime are things we have to alert to.’
Defence Secretary Ben Wallace (pictured speaking, right) meets fellow ministers in Leicestershire today to discuss Ukraine
Boris Johnson told the Commons today that the UK is ready to go further on sanctions if the situation deteriorates even more
Authorities in Vienna are also stepping up surveillance of potential cyber threats to Austrian government institutions. The country’s foreign ministry was targeted in a cyber attack two years ago that was traced to Russia.
Today, Mr Johnson said Britain is sanctioning three wealthy allies of Mr Putin and five Russian banks, as he announced a ‘first barrage’ of punitive measures in response to the ‘renewed invasion’ of Ukraine.
The Prime Minister warned today that Moscow sending troops into the Donbas region under the guise of being ‘peacekeepers’ appears to be the Kremlin ‘establishing the pretext for a full-scale offensive’, with nearly 200,000 troops amassed on Ukraine’s border.
Mr Johnson told the Commons that immediate sanctions are being deployed against three ‘very high net wealth individuals’ – Gennady Timchenko, Boris Rotenberg and Igor Rotenberg – whom he described as ‘cronies’ of the Russian president.
The sanctions, which include UK asset freezes, a travel ban and prohibition on British individuals and businesses dealing with them, were also tabled against Russian banks Rossiya, IS Bank, General Bank, Promsvyazbank and the Black Sea Bank.
‘This the first tranche, the first barrage, of what we are prepared to do, and we hold further sanctions at readiness to be deployed,’ Mr Johnson told MPs, before warning it is ‘inevitable’ he will return with a ‘much bigger package’.
The Prime Minister also applied pressure on European football governing body Uefa not to hold its Champions League final in St Petersburg in June, saying there should be ‘no chance of holding football tournaments in a Russia that invades sovereign countries’.
Mr Johnson added: ‘The House should be in no doubt that the deployment of these forces in sovereign Ukrainian territory amounts to a renewed invasion of that country.
‘And by denying Ukraine’s legitimacy as a state – and presenting its very existence as a mortal threat to Russia – Putin is establishing the pretext for a full-scale offensive.’
But he faced calls to go further on sanctions now from Sir Keir Starmer, as well as some Tory MPs.
The Labour leader said he understands the tactic of holding back sanctions to deter an invasion past the Donetsk and Luhansk regions in the east of Ukraine but said ‘a threshold has already been breached’.
He said a sovereign nation ‘has been invaded in a war of aggression’, and ‘if we do not respond with the full set of sanctions now, Putin will once again take away the message that the benefits of aggression outweigh the costs’.
Former Tory leader Sir Iain Duncan Smith suggested Russia should be hit ‘hard and hit them now’ to increase the pain of the current incursion.
Commons Defence Committee chairman Tobias Ellwood said ‘sanctions alone will not be enough’ and warned that ‘untargeted sanctions may play into Putin’s plan to pivot Russia ever-closer to China’.