Cyberattacks by the UK’s enemies are becoming “relentless” as we enter a “new era” of global conflict, an expert has warned.
It comes after Russian hackers allegedly acquired top secret security information on some of the country’s most sensitive military sites, including the HMNB Clyde nuclear submarine base on the west coast of Scotland and the Porton Down chemical weapon lab.
The “potentially very damaging” attack last month by hacking group LockBit, which has known links to Russian nationals, saw thousands of pages of data leaked onto the dark web after private security firm Zaun was targeted, the Sunday Mirror newspaper reported.
The company, which provides security fencing for sites related to the Ministry of Defence, said it had been the victim of a “sophisticated cyberattack”.
Responding to the news, Kevin Curran, professor of cybersecurity at Ulster University, told the PA news agency that LockBit’s attack was “serious” as we approach a potential “World War Three” following Russia’s invasion of Ukraine.
He said the raid was “likely” sponsored by the Russian state given the nature of its target and that cyberattacks by Britain’s enemies had become “relentless”.
Professor Curran warned that we were unprepared for this new era as third party companies which hold data on our military infrastructure were not being properly regulated.
He said: “You can’t just expect third party suppliers to adhere to your rules.
“There is always a risk when you have third party suppliers and you do wonder if they adhere to industry best practice.
“It is a worry because everything is online now – cybercrime is the biggest crime in the world.
“Given the new era we are entering which is the brink of World War Three everything is serious.
“They are relentless with these attacks. Their best way into our country is through our cybersecurity. This is the nation at risk.
“In this case, given the target, my money would be on this being state sponsored.”
Edward Lucas, a security and defence specialist, said: “The problem is that we don’t live in a bubble – we bring stuff from the outside world. That’s where the vulnerabilities are.
“(This information) gives them an idea of physical location and the stuff that is going in and out of this location – it’s like a lily pad. You have to jump from one to the other to get to where you want to go.”
The comments come after Labour MP Kevan Jones, who sits on the Commons Defence Select Committee, urged the Government to explain why Zaun’s computer systems were “so vulnerable”, warning: “This is potentially very damaging to the security of some of our most sensitive sites.”
“Any information which gives security arrangements to potential enemies is of huge concern,” he added.
The Government has so far declined to respond to concerns, with a spokesperson saying: “We do not comment on security matters.”
In a statement on its website published on Friday, Zaun said it had taken “all reasonable measures to mitigate any attacks on our systems” and explained that they had referred the matter to the National Cyber Security Centre (NCSC).
It explained the breach occurred through a “rogue Windows 7 PC” that was running software for one of their manufacturing machines but that the network was “otherwise up to date”.
It said: “At the time of the attack, we believed that our cybersecurity software had thwarted any transfer of data.
“However, we can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed.
“It is believed that this is 10 GB of data, 0.74% of our stored data.
“It is well known that Zaun is a specialist in high-security perimeter fencing and has supplied fencing to many high-profile sites.
“Sites where our products are used include prisons, military bases and utilities.”
Zaun has been approached for further comment.
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here