‘Malicious actors’ trying to access vaccine procurement plans and data on variants
“Malicious actors” are trying to steal coronavirus vaccination plans and data on new variants, an arm of GCHQ has warned.
The chief executive of the National Cyber Security Agency (NCSC) said the pandemic was likely to cast a “significant shadow” for many years.
“Some groups may also seek to use this information to undermine public trust in government responses to the pandemic, and criminals are now regularly using Covid-themed attacks as a way of scamming the public.”
Ms Cameron was speaking to the Chatham House Cyber 2021 conference on Monday, where she cited Russia, China, Iran and North Korea among countries mounting cyber attacks.
She said another emerging threat was the rise of a “commercial market for sophisticated cyber exploitation products” that could see unregulated software used for unlawful purposes.
The official named NSO Group’s Pegasus suite as an example, after the High Court found it was used by agents of Dubai’s ruler Sheikh Mohammed bin Rashid al-Maktoum to hack the phones of his ex-wife and her lawyers.
The allegations, which are denied by Sheikh Mohammed, resulted in NSO Group ending its contract with the United Arab Emirates for breaching its rules.
“Reportedly, customers of NSO Group had marked tens of thousands of global telephone numbers as potential targets,” Ms Cameron said.
“Those with lower capabilities are able to simply purchase techniques and tradecraft – and obviously those unregulated products can easily be put to use by those who don’t have a history of responsible use of these techniques. So we need to avoid a marketplace for vulnerabilities and exploits developing that makes us all less safe.”
Ms Cameron told the conference that ransomware, such as the WannaCry cyberattack that struck large parts of the NHS in 2017, still presented the most immediate danger to the UK and can affect businesses, schools, councils and critical national infrastructure.
She predicted that the threat from so-called “supply chain attacks”, where hackers target less secure third-party elements of target organisations, will grow.
An example was the 2020 SolarWinds attack, where hackers used a system used by businesses to manage IT resources to send out corrupted software updates that allowed them access into customers’ systems.
The US government was among SolarWinds customers, and the hackers were able to access emails at the US Treasury, Justice and State departments, as well as other agencies.
The attack was attributed to a Russian state-backed group by the British and American governments.
Ms Cameron said it was a “stark reminder of the need for governments and enterprises to make themselves more resilient, should one of their key technology suppliers be compromised”.
The NCSC chief said the integration of advancing technology into people’s everyday lives presented a “significant challenge”.
“In the coming years, society will benefit hugely from developments that make our lives more efficient and greener, such as smart cities,” she added. “But it is inevitable that our adversaries – whether they are nation-state or cyber criminals – will seek to exploit the opportunities that these changes bring.
“And when they are successful, the potential impacts are much greater than the attacks we see today. So, we must ensure we are in a strong position to safely take advantage of these emerging technologies.”