Saturday 25th May 2024

Good morning everyone! Today's edition of Cyber Daily looks in to tech turbulence by unpacking how UK businesses are grappling with cyber threats from ideologically driven hackers, the critical insights of former NCSC head Ciaran Martin on China's cyber tactics, and the latest blow to Brick Court Chambers in a major data breach.

Brick Court Chambers Hit by Cyber Attack

Brick Court Chambers, a prestigious UK law firm, recently suffered a significant cyber breach. The Medusa ransomware group claimed responsibility, alleging they stole 141GB of data and briefly published it online before removal. The hack exposed sensitive files like court documents, meeting minutes, employment contracts, and even video conferences.

Last week, Brick Court Chambers acknowledged a "potential cyber incident" and enlisted external cyber experts to investigate. Despite the Medusa group's claims, the firm’s spokesperson maintained that client business continues securely.

Medusa's dark web site showcased the breach with preview screenshots and a file tree of the stolen data. The group later removed the listing, sparking speculation about a possible ransom payment, though the firm remains tight-lipped, citing an ongoing criminal investigation. This incident underscores the growing cybersecurity challenges within the legal sector, reminiscent of last year's high-profile A&O breach.

Ex-NCSC Chief Warns of Escalating Cyber Threats from China

Ciaran Martin, former chief executive of the National Cyber Security Centre (NCSC), has raised alarms about the growing cyber threat posed by China. Speaking at Manchester Tech Week's DTX conference, Martin emphasised the need for the UK to heed US warnings about Chinese hackers targeting critical infrastructure.

Martin stressed that the disruption of civilian infrastructure should be a "red line," citing recent hacks attributed to Chinese actors, including a breach exposing 270,000 payroll records of the UK's armed forces. He warned that Chinese hackers are adopting Russian tactics by pre-positioning themselves within critical systems to launch future attacks.

Echoing FBI Director Christopher Wray’s April warning, Martin highlighted that Chinese state-backed hackers have infiltrated key US infrastructure sectors, awaiting the opportune moment to strike. This tactic, known as “pre-positioning,” involves embedding malware in essential services to induce panic and chaos when activated.

Martin criticised the UK's lack of attention to these threats and called for stronger public and private sector defences. He praised potential government measures like mandatory reporting of ransomware attacks and requiring licenses for ransom payments.

UK Businesses Urged to Strengthen Cyber Defences Against Ideologically Motivated Hackers

UK businesses must step up their cybersecurity efforts to defend against ideologically driven hackers, Cabinet Office minister Oliver Dowden warned at the CyberUK conference in Belfast. These hackers, likened to Russia's Wagner paramilitary organization, aim to disrupt or destroy critical infrastructure.

Dowden highlighted that these groups, unlike financially motivated cybercriminals, are focused on causing damage and are less likely to show restraint. The National Cyber Security Centre has issued an official threat notice to key operators to strengthen defences against this growing danger.

Dowden stressed the importance of businesses securing their digital presence, comparing it to not leaving physical doors open to criminals. He appealed to companies responsible for essential services to take cybersecurity seriously, emphasising that national prosperity relies on their vigilance.

To enhance the UK's cyber resilience, Dowden announced measures including setting ambitious cyber resilience targets for critical infrastructure sectors by 2025. The government also plans to expand cyber resilience regulations to encompass all private sector businesses involved in critical national infrastructure.