“Malicious actors” are trying to steal data on coronavirus vaccination plans and new variants, a branch of GCHQ has warned.
The chief executive of the National Cyber Security Agency (NCSC) said the pandemic was likely to cast a “significant shadow” for many years.
Lindy Cameron said: “Malicious actors continue to try and use information related to COVID, whether it is data on new variants or vaccine purchase plans.
“Some groups may also use this information to undermine public confidence in government responses to the pandemic, and criminals are now routinely using COVID-themed attacks as a way to deceive the public. Huh.”
Ms Cameron was speaking at the Chatham House Cyber 2021 conference on Monday, where she cited Russia, China, Iran and North Korea as countries with increasing cyber attacks.
She said another emerging threat was the rise of a “commercial market for sophisticated cyber-exploitation products” that could see unregulated software used for illegal purposes.
The NSO Group’s Pegasus suit was named as an example of the hacking of the phones of his ex-wife and her lawyers by agents of Dubai ruler Sheikh Mohammed bin Rashid al-Maktoum, the High Court found.
The allegations, which have been denied by Sheikh Mohamed, resulted in the NSO Group terminating its contract with the United Arab Emirates for violating its rules.
“Reportedly, thousands of global telephone numbers were marked by NSO Group customers as potential targets,” Ms Cameron said.
“People with less ability are only able to buy the technology and tradecraft – and obviously those unregulated products can easily be exploited by people who don’t have a history of responsible use of these technologies. So we have to find vulnerabilities and exploits.” There is a need to avoid the market for this which makes us all less safe.”
Ms Cameron told the conference that ransomware, such as the WannaCry cyber attack, which affected large parts of the NHS in 2017, still presents the most immediate threat to the UK and threatens businesses, schools, councils and critical national infrastructure. can affect.
She predicted that the threat would be exacerbated by so-called “supply chain attacks,” where hackers target less secure third-party elements of targeted organizations.
One example was the 2020 SolarWinds attack, where hackers used a system used by businesses to manage IT resources to send corrupt software updates, which allowed them to access customers’ systems.
The US government was among SolarWinds’ customers, and hackers were able to access emails from the US Treasury, Justice and State Departments as well as other agencies.
The Russian state-backed group was blamed by the British and American governments for the attack.
Ms Cameron said it was “a reminder of the need for governments and enterprises to make themselves more resilient, should one of their key technology suppliers be compromised”.
The NCSC chief said the integration of advancing technology into people’s everyday lives presents a “significant challenge”.
“In the years to come, society will benefit immensely from developments that make our lives more efficient and green, such as smart cities,” she said. “But it is inevitable that our adversaries – whether they are nation-states or cybercriminals – will try to take advantage of the opportunities these changes bring.
“And when they are successful, the potential impacts far outweigh the attacks we see today. Therefore, we must ensure that we are in a strong position to take advantage of these emerging technologies safely. “
Credit: www.independent.co.uk /