Former GCHQ chief Hannigan warns of Russia’s aggressive approach to the cyberspace

Pierluigi Paganini June 11, 2018

According to former GCHQ chief, the recently discovered VPNFilter botnet is the demonstration that Russia appears to be live-testing cyberattacks.

Former GCHQ chief Robert Hannigan has warned that the availability of hacking tools in the main marketplaces is rapidly changing the threat landscape. Hannigan served as the director of the UK intelligence agency between November 2014 until January 2017.

Threat actors have an easy access to attack tools even without having specific knowledge.

Hannigan spoke had a keynote speech titled “Weaponising the web: Nation-state hacking and what it means for enterprise cybersecurity” at the Infosec conference in London last week.

Hannigan highlighted the risks associated with the operation conducted by nation-state actors that had dramatically increased over the last five years.

State-sponsored hackers pose a serious risk for enterprises as well as governments, the former GCHQ chief warned of Government APT group using crime gangs as a proxy machine hard the attribution.

“Nation state attacks using criminal group as a proxy” is a “fairly new issue.” Hacking tools are becoming a commodity for threat actors and represent problem companies.

Hannigan mentioned the activity conducted by North Korea-linked APT and Iranian state-sponsored hackers.

North Korean APT groups, like the infamous Lazarus APT crew, focused its activity on SWIFT network as well as crypto exchanges to steal funds.

“This is a rational state pursuing rational objectives,” explained Hannigan.

Hannigan warned of the intensification of the Iranian hackers that also targeted financial institutions.

Which is the greatest threat?

Russia, of course! Russia-linked APT groups are very sophistication and continuously target infrastructure worldwide. in some cases they demonstrated destructive abilities, like the attacks against the Ukrainian power grid.

Russia

According to Hannigan, the recently discovered VPNFilter botnet is the demonstration that Russia appears to be live-testing cyberattacks.

“It’s unclear if that was a mistake or an experiment,” Hannigan said. “Russia seems to be live testing things in cyber, as it has been [on the ground] in Syria, but it’s a doctrine we don’t fully understand.”

The former spy chief highlighted the risks associated with state-sponsored malware like WannaCry that caused billion dollars damages to organizations worldwide and severe problems to critical infrastructures, like hospitals in the UK.

“The problem is that the risk of miscalculation is huge,” Hannigan warned.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –Russia nation-state hackers, APT)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment