Defending UK infrastructure and services from hostile cyberattacks
Image copyright Airbus Defence and Space UK
This month a year ago, a wave of hostile cyberattacks were launched against our National Health Service (NHS). Unleashing sophisticated ransomware software, the hackers targeted several NHS Trusts responsible for running UK hospitals and treating millions of patients.
The criminals stole terabytes of sensitive data and reduced doctors to the use of pen and paper for a prolonged period of time. This attack on IT infrastructure demonstrated the persistent and changing nature of the threat facing our country.
Launched against a service provider critical to the everyday running of our health service, the incident disrupted NHS services and followed a wave of cyberattacks against the UK’s public sector.
Attacks of this nature are something the National Cyber Security Centre (NCSC), part of the Government Communications Headquarters (GCHQ), has previously noted as an increasing danger. Publishing findings from between September 2020 and August 2021, the UK’s technical authority for cyber incidents reported that approximately 40% of the 777 incidents recorded targeted the public sector.
In the past, our adversaries needed to physically attack us to cause serious harm. More and more, the domains of space and cyber are becoming the modern theatres of war. Critical national infrastructure (CNI) has become a target for malevolent players.
Four months ago, the NCSC put critical infrastructure and services on heightened alert for cyberattacks. Issuing the national warning, Deputy Prime Minister, Oliver Dowden MP, urged UK companies to implement robust cybersecurity measures, citing the growing trend of Russia’s cyber tactics in Ukraine and the Royal Mail attack months before.
Yet it is not only hostile states which pose a threat. The use of commercial hacking tools and the growth of ‘hackers for hire’ is becoming increasingly prevalent. Therefore, in this complex and increasingly unstable environment, the private sector has an ever more important role to play in supporting both government and business to stay ahead of the threats our country faces.
I am privileged to see first-hand how the technology developed here in the UK ensures the security of critical national infrastructure and the safety of those who depend on it. No domain has more potential to challenge the security of our everyday life than space.
Already, much of the world’s critical infrastructure is heavily linked to the satellites in orbit above our planet. Whether it be scrolling on your phone or providing a secure line of communication for military operations, space is the common denominator but also a potential weak link.
Ensuring that this technology is protected demands an embedded and intuitive understanding of both cyber and physical threats that is built on decades of continued support provided to the UK military and NATO allies around the world. We, alongside others, continue to play an integral role in protecting and developing the UK and our allies’ network architecture to ensure that we always remain at the forefront of security innovation – a frequently unrecognised and evolving security task.
Acting as a trusted partner to government, our defence forces and British institutions, means always being alert and developing sovereign capabilities that are resilient to the most dynamic threats. Our mission is to ensure our country has both the tools and the skilled people to design and deliver advanced capability that protects our national security – something industry and government has a joint responsibility to foster.
In short, the August 2022 cyberattack on the NHS was a reminder that our adversaries are constantly looking for new ways to harm the UK and our allies. In the fast-paced and often unpredictable world we live in, we must be prepared for the rapidly evolving tactics and capabilities that our foes employ.
