UK defence school hit by sick cyber attack by ‘Russia or China’ causing ‘significant’ damage | #malware | #ransomware


A CYBER attack on the UK’s Defence Academy – possibly by Russia or China – caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, said the attack which was discovered in March 2021 meant the Defence Academy was forced to rebuild its network.

3

The Ministry of Defence building on Horse Guards Avenue in LondonCredit: Getty
A cyber attack on the UK's Defence Academy caused 'significant' damage

3

A cyber attack on the UK’s Defence Academy caused ‘significant’ damageCredit: Getty
Its thought that Russia could be behind the cyber attack

3

Its thought that Russia could be behind the cyber attackCredit: AP

He said he did not know if criminals or a hostile state, like China, Russia, Iran or North Korea, were responsible but the damage has yet to be fully rectified months on.

Mr Stringer told the Sky News: “It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack that was just, you know, a genuine criminal organisation.”

He added: “There were costs to… operational output. There were opportunity costs in what our staff could have been doing when they were having to repair this damage.

“And what could we be spending the money on that we’ve had to bring forward to rebuild the network? There are not bodies in the streets but there’s still been some damage done.”

Sky reported that no sensitive information was stored on the academy’s network.

The school, based in Shrivenham, Oxfordshire, teaches 28,000 military personnel, diplomats and civil servants a year and moved more online during the pandemic.

In his the first since he left the military, Mr Stringer said “unusual activity” was first discovered by contractors working for outsourcing company Serco and “alarm bells” started ringing.

He told how there were “external agents on our network who looked like they were there for what looked pretty quickly like nefarious reasons”.

But he disclosed the attack was not successful and while the hackers may have been using the academy as a “backdoor” to other Ministry of Defence (MoD) systems, there were no breaches beyond the school.

Mr Stringer – who was also director general of joint force development and led the military thinking about how it would adapt to the future of warfare – said the attack fell within a so-called grey zone of harm, which falls below the threshold of war.

The site, which is much like a domain for a university, had to be completely rebuilt, a task which is still ongoing.

The National Cyber Security Centre, a branch of GCHQ, was also made aware of the hack.

Sky reported that an MoD spokesperson said: “In March 2021 we were made aware of an incident impacting the Defence Academy IT infrastructure. We took swift action and there was no impact on the wider Ministry of Defence IT network. Teaching at the Defence Academy has continued.”

Back in July Russian hackers REvil demanded a $70 million ransom in Bitcoin for a decryption key, after a cyberattack that targeted 1,000 US firms. 

The breach, which was the largest ransomware attack on record, reportedly hit the IT systems of up to 1 million companies across the globe, by breaching the systems of US-based software firm Kaseya.

Those affected included a school in New Zealand and Swedish grocery chain Coop. as well as two major Dutch IT firms. 

And in November Google warned of a cyber attack spearheaded by Russian hackers that targeted users of Gmail.

Cyber security company show how hackers could use your PRINTER to access your Gmail in new cyber security threat





Original Source link

Leave a Reply

Your email address will not be published.

3 + six =