The U.K.’s National Cyber Security Centre blamed hostile foreign states for the majority of the 1,167 attacks it has handled in the two years it’s been running, equivalent to 10 assaults a week.
In the organization’s second annual report, published Tuesday, Chief Executive Officer Ciaran Martin wrote he’s in “little doubt” the U.K. will be victim of a “Category One Attack” on critical national infrastructure in the future, highlighting Russia as one of the states most likely to launch an assault.
Relations between the U.K. and Russia are at the lowest level since the Cold War following a series of revelations about Kremlin-sponsored attacks on British soil. They include the poisoning of a former Russian spy and subsequent revelations about how the nation’s GRU military intelligence agency attempted to cover its tracks by trying to hack the Organization for the Prohibition of Chemical Weapons’s investigation into the incident in The Hague.
The NCSC report also provides an insight into how code names are given to different operations. After a tip-off about a cyber attack comes into the center, it’s assigned to one of six categories ranging from a strike on the government to an attack on an individual. Fans of traditional spy thrillers will likely be disappointed to hear the process of allocating the operation’s code name is done by computer — not based on in-jokes in the intelligence community.
One case officer also reveals that companies sometimes hang up when the NCSC phones them to say they’ve been the victim of a cyber attack, mistakenly assuming it to be a prank call.
As fifth generation or 5G telephone networks come into service, companies should examine their supply chains, which may be at greater risk of hacking, the report recommended.