back to article Russia and China bombard Blighty with 188 cyberattacks in 3 months

Britain has been hit by 188 "high-level attacks" in the last three months. Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and …

  1. James 51
    Coat

    And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.

    1. Anonymous Coward
      Anonymous Coward

      And it is still a nightmare to get vendors and managers to take security seriously and fund it properly.

      The Internet was designed to route around damage so that data could always get to the endpoint. As it expanded, people didn't really think through the implications because (let's be honest) it was just such fun in the early days. And then people didn't want to pay for stuff and some genius had the idea of using advertising as a form of micropayment, followed by cookie tracking and end user espionage.

      And then people wonder why it isn't secure.

  2. Anonymous Coward
    Anonymous Coward

    Source IP does not mean that's where the attack came from

    Have you not heard of compromised proxy machines to launch an attack you clown.

    You see the source IP in your logs and say 'See - that's an IP in Russia that is' with no clue as to who is driving that remote machine.

    1. Anonymous Coward Silver badge

      Re: Source IP does not mean that's where the attack came from

      The article doesn't mention source IP. You can often tell the origins by the language of comments embedded in the attack code, for example.

      1. YARR

        You can often tell the origins by the language of comments embedded in the attack code

        Gosh, so the real attacker would never think of impersonating the language / localisation of the nation / target they are attempting to frame?

      2. Anonymous Coward
        Anonymous Coward

        Re: Source IP does not mean that's where the attack came from

        Et moi, je suis Francais. Tu vois? J'ecrive en Francais, donc il faut que je sois Francais.

        Except I'm not. See how easy it is?

      3. Anonymous Coward
        Anonymous Coward

        Re: Source IP does not mean that's where the attack came from

        "You can often tell the origins by the language of comments embedded in the attack code, for example."

        And it would never, ever occur to a hacker who is trying to obfuscate their identity, to simply insert comments in a language other than their own?

    2. Yet Another Anonymous coward Silver badge

      Re: Source IP does not mean that's where the attack came from

      And Russian packets have snow on their boots

  3. GingerOne

    I call bullshit. 188 attacks that they NOTICED in a three month period. As for knowing where they originate from, are we living in the movies now? They have some 'hacker' tracing IPs and VPNs around the world until they hit a laptop in Starbucks, Moscow?

    1. Anonymous Coward
      Anonymous Coward

      That's weird

      It's weird they're mentioning just these two countries.

      There are plenty of other countries around the world also originating similar behaviour.

      So why mention just these two?

      1. bombastic bob Silver badge
        Devil

        Re: That's weird

        "So why mention just these two?"

        it's popular?

        1. Anonymous Coward
          Anonymous Coward

          Re: That's weird

          > it's popular

          Hmmm, I'd more call it "propaganda", but YMMV. :)

    2. Anonymous Coward
      Anonymous Coward

      Sadly, I call "lack of knowledge."

      They can find and trace the traffic via command and control messages sent in from their "admins." None of the really good malware is completely automated, yet. There is a need for humans to monitor and control the process and the monitoring and control of the botnet. The people with the ability to see, and correlate, this traffic are the government and other agencies with the ability to see all the traffic; inside, AND at the ingress/egress points. You're lack of knowledge is disturbing. I am not a senior network security person, merely a senior Linux and large data center hosting admin, and I know this. You should read more info, and less opinion-related items.

      1. A.A.Hamilton
        Thumb Up

        re "Sadly, I call "lack of knowledge.""

        Why downvote this post? The author made reasonable points, rebutted the previous post and all in a temperate way. Has the intolerance and belligerence of Brexiters infect us here too?

        1. Anonymous Coward
          Anonymous Coward

          Re: re "Sadly, I call "lack of knowledge.""

          Why downvote this post?

          In your case, the down-vote is for the pointless, inflammatory, and belligerent reference to brexit.

          At this rate, we will soon have to revise Godwin's law.

        2. Anonymous Coward
          Anonymous Coward

          Re: re "Sadly, I call "lack of knowledge.""

          Because he/she was rude, smug, and also pretty damn clueless...

          ... and then said other people had the lack of knowledge.

          That's my "why" anyway.

    3. tr1ck5t3r

      Its just to keep us busy watching those packets coming into your computer when you could be enjoying life.

      If they really wanted to do something about it, GCHQ would have built something to secure what they can coming over the networks like China. After all economic activity is important right, you dont want the NHS losing your records to some hacker collective who publishes it on the dark web now do we, or some banks getting hacked?

      National Security? Thats a joke, they are the one's carrying it out whilst the innocents get targetted just like in a real war. Hacking celebs and giving the media the tip off's is all just part of the charade, aint that right Beckham?

    4. streaky
      FAIL

      I can't even figure out the scope of these numbers. What I do know is if it's only 188 in 3 months then Russia and China aren't trying very hard. I could do billions in minutes without even really trying. Again, scope is at question.

      Love the idea of GCHQ telling people that we're under attack, we were all wondering when GCHQ were going to notice, stop looking at people's cat pictures, and actually contribute. (Also that GCHQ are the planet's biggest threat to UK corporate IT; we've all seen the slides).

      1. Anonymous Coward
        Anonymous Coward

        Security snowflakes?

        "A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day, some of which are launched from the United States".

        http://news.softpedia.com/news/russia-hackers-attacking-putin-s-website-thousands-of-times-a-day-511877.shtml

        1. bombastic bob Silver badge
          Devil

          Re: Security snowflakes?

          "A Russian official revealed that the country is the target of hundreds and sometimes thousands of cyberattacks every day,"

          it's almost expected, yeah. 'Spy vs Spy'.

          But when you get economic sanctions because of alleged 'hacking', it should be backed up with some REAL evidence. Just sayin'.

          1. Anonymous Coward
            Anonymous Coward

            Re: Re: Security snowflakes?

            The U.S. applied economic sanctions against Russia in response to the annexation of Crimea. Hacking has nothing to do with this decision.

    5. Anonymous Coward
      Anonymous Coward

      Bullshit cubed

      188 attacks that they SAY they noticed in a three month period. The "intelligence agencies" (aka secret police) often tell us that they have crushed 13,481 terrorist attacks in the past year.

      Well, they would, wouldn't they?

    6. Tom Paine
      Facepalm

      Ever hheard of a thing called 'espionage'? How about "SIGINT'?

  4. Your alien overlord - fear me

    Why bother hacking - defence, we have none whilst our nuclear subs are getting new window curtains fitted and foreign policy - suck up to those whose country is building our new war planes.

    1. Lars
      Coat

      The UK arms industry is fairly successful and the number five exporter behind the USA, Russia, Germany and France with China as number six according to the Daily Mail.

      https://en.wikipedia.org/wiki/Arms_industry#World.27s_largest_arms_exporters

      Industrial espionage is hardly anything new but I agree it must be hard to prove exactly who is behind every hacking attempt (and I am sick and tired by the word cyber for now, and so is my spellchecker).

      1. Anonymous Coward
        Anonymous Coward

        Why??

        Name one area of military technology in which Russia could learn anything from the UK.

  5. Anonymous Coward
    Anonymous Coward

    Acts of war?

    If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.

    1. GingerOne

      Re: Acts of war?

      "then surely they should be regarded as acts of aggression or war?"

      Don't fall in to their trap my friend. If this is state sponsored there is no need for war. 'The State' is nothing to do with the actual people of Russia or China, just like ours is sadly nothing to do with us. Don't let the pathetic posturing of our 'leaders' lead you to grow hate for millions of innocent people.

    2. Vittal Aithal

      Re: Acts of war?

      Let's hope it's not an act of war since you can bet your bottom dollar that we're equally busy trying to squirrel into their networks (if only to find the infamous Trump rumpy-pumpy (mostly pumpy) videos).

    3. Anonymous Coward
      Anonymous Coward

      Re: Acts of war?

      If these are truly state sponsored attacks, then surely they should be regarded as acts of aggression or war? Just because the countries in question aren't lobbing bombs at us or directly physically attacking us, doesn't mean there are no consequences to our country's well being or economy.

      That slope has more grease on it than a monkey in a machine shop.

      Even forgetting about the difficulties with attribution and proof, what is the threshold for the consequences to our country's well being or economy? For example, Chinese government may argue that BBC Chinese Service causes harm to China's well-being and economy by spreading news which it would rather have suppressed. Would that constitute an act of war? Or the Russian government may argue that the sanctions imposed by the UK government cause harm to the Russian economy. Would that be an act of war?

      There are many good reasons to avoid this verbal inflation and hysteria; only somebody who'd never been on the receiving end of the actual war or even a limited peace-keeping action would seriously equate a booby-trapped powerpoint opened by a moron with an act of war.

    4. Anonymous Coward
      Anonymous Coward

      Re: Acts of war?

      If you are plotting to kill me, then surely I ought to get my retaliation in first and attack you.

      There are many problems with that line of thinking, the greatest of which is the word "if". One does not declare war on the basis of unsubstantiated suspicions - or reports issued by self-serving officials.

      Nor, of course, does one declare war on a power that could render the UK uninhabitable within one hour.

      1. Sir Runcible Spoon

        Re: Acts of war?

        Intelligence gathering prior to an act of war isn't, in of itself, an act of war as far as I am aware.

        If that knowledge was then used to damage a country's infrastructure, for example, then yes, that would be an act of war (if it was initiated by a state actor - but how can you tell? It could just as easily be carried out by a corporation in that country (assuming you could identify the country reliably)).

        The problem is that of the language used. 'Attack' infers some kind of damage, whereas what they are actually describing is 'espionage' or perhaps 'infiltration'.

  6. pdh

    Fuller disclosure

    It would be interesting if accusations like these also included a line saying: "And in that time, we ourselves have mounted or sponsored X number of attacks against Russia and China, using the same definition of 'attack'."

    Even if the number X is zero, it would be interesting to hear the government state that out loud, with a straight face. (And then to hear them explain why they believe zero is the most appropriate value of X.)

    1. Yet Another Anonymous coward Silver badge

      Re: Fuller disclosure

      Why would we bother hacking our enemies?

      Unless there is a war what good does it do to know the Russian or Chinese military's secrets?

      It would be far more valuable to be hacking the Eu ministries that will be negotiating Brexit or the US agencies that will be deciding on the tarrifs to place on the UK

      1. Anonymous Coward
        Anonymous Coward

        Re: Fuller disclosure

        Unless there is a war what good does it do to know the Russian or Chinese military's secrets?

        By the time there's a war on it is a bit late to think "Ooh, we'd better hack their military secrets". As a general rule, a successful cyber-espionage campaign takes a lot of scoping, planning, and execution (plus design, coding and testing if you need new spyware able to infiltrate nation state defences).

  7. Anonymous Coward
    Anonymous Coward

    "complete shutdown of our critical national infrastructure."

    oh no - a talking head said it again... he needs a visit to CyberSquirrel1 to calm his nerves...

    1. Yet Another Anonymous coward Silver badge

      Re: "complete shutdown of our critical national infrastructure."

      That's where we have tricked them - we already have out own system for doing that

  8. Christian Berger

    Attribution is (virtually) impossible

    IP-Addresses say nothing, code styles can easily be faked or you can just buy exploits on markets, foreign characters in filenames or paths can easily be faked as can dates and times.

    We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack, no matter how primitive they were. Also we live in a world where false flag operations are nothing uncommon.

    If those organizations mentioned in the article would actually care about security, they would provide guidelines for actual security. They would advise against office software, they would advise against complex file formats, particularly proprietary ones. They would warn against closed source software, particularly when there's an auto update mechanism.

    1. GingerOne

      Re: Attribution is (virtually) impossible

      "We live in a world, where it's likely that the actions of some little kid are seen as a state sponsored attack"

      Or we live in a world where governments will use the actions of some little kid as an excuse to flex the muscles and start measuring each others dicks.

  9. Anonymous Coward
    Anonymous Coward

    Soo..

    Do these (presumed) state-backed operators need this data in order to fight terrorism and keep us all safe? Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)... Is China and Russia just trying to protect us all as well?

    Joking aside, I know that the various UK security services are probably less likely to abuse my, yours, and any UK company data that they somehow obtain (meaning using the data outside of their stated purpose of obtaining such data - like building a competing company or product), but the foreign agencies are probably less likely to come knocking on your door in the middle of the night.

    So on the whole, I'm not 100% sure who'd I'd rather be cyberattacked by.

    1. Anonymous Coward
      Anonymous Coward

      Re: Soo..

      "Because that is (as far as I understand these things) the reason why our own state usually mounts cyberattacks and conduct espionage against its own people)..."

      I'm afraid that your words show you don't understand these things very well. Your own state emphatically does not spy on you and others "in order to fight terrorism and keep us all safe".

      For a start, the threat to British citizens from terrorism is virtually nil. Noise level. You are more likely to be struck by lightning, killed by a bee sting or run over by a police car than killed by terrorism in Britain. (And please don't tell me that's because the police are so efficient).

      Moreover, even the tiny threat that does exist could be virtually extinguished if our own precious government(s) would just stop killing foreign people going about their own business in their own countries. It's not a lot to ask, is it?

      1. Sir Runcible Spoon

        Re: Soo..

        https://static.guim.co.uk/sys-images/Guardian/Pix/pictures/2011/10/28/Factfile_deaths_large.png

        In 2010, apparently 142 people died from Swine Flu in the UK!!?

  10. Ironclad
    Black Helicopters

    Been going on for centuries....

    ...just not using this medium.

    Previously spying was done through bribery, corruption, blackmail and just plain physically stealing stuff, it's now much easier to hack into another countries vulnerable systems instead.

    Perhaps a massive denial of service attack or a deliberate act of sabotage that could be traced back unquestionably to a foreign power (and I imagine that's very difficult to prove) could be construed as an act of war. Until then it is the ancient art of espionage through another avenue.

  11. Anonymous Coward
    Anonymous Coward

    "Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets"

    I always wonder at organizations that feel they must make everything available over the internet.

    Perhaps "secrets" don't really need to reside on a computer?

    BTW: Is "defence" a British spelling?

    1. John R. Macdonald

      Defence vs Defense

      @etatdame

      "Defence" is the preferred spelling used in most varieties of English except American English which uses "defense".

      1. Anonymous Coward
        Anonymous Coward

        Re: Defence vs Defense

        preferred spelling used in most varieties of English except American English...

        As it is already the second language of the US of A, I wonder if our colonial rebels also mangle Spanish when they spell and write that?

        1. John R. Macdonald

          Re: Defence vs Defense

          Very likely ;-)

        2. John Brown (no body) Silver badge

          Re: Defence vs Defense

          "I wonder if our colonial rebels also mangle Spanish when they spell and write that?"

          Yes, because like American English isn't English, Mexican is not Spanish ;-p

        3. Anonymous Coward
          Anonymous Coward

          Re: Defence vs Defense

          It has been suggested that some of them think people in Latin America speak Latin. And there was one prominent US politician who visited Rio de Janeiro and, attempting to emulate John Kennedy in Berlin, told the Brazilians, "I am a carioca (a native of Rio)".

          Unfortunately he said it in Spanish.

  12. jasper pepper

    It is one thing to have the US hacking Angela Merkel's phone but quite beyond the pale for the Russians and Chines to hack us isn't it?

    1. Anonymous Coward
      Anonymous Coward

      All sane folks in the US do NOT condone spying on everyone and everything without obtaining some kind of approval, so as to remain within the law and the "laws" of human decency. Ed Snowden pointed a light into that hole and we can see what we felt was going on; nothing good. Your government, and mine, like to use these "cyber attacks" and pair them with "Russia/Chinese state threat actors" unless it's convenient to deny it, *cough* tRump *cough*. This is how your data and mine are slurped up and examined, all without any oversight or due process. Idiots who claim "well, if you have nothing to hide, surely you don't mind big bro taking a peek?" while not also offering their own bank passwords for examination by me are part of the problem. Keyboard Wankers, is my name for those fucknuts.

      The government is not able to dig through my backpack without my allowing it, so why should my data be any different? It ISN'T!!1!

  13. amanfromMars 1 Silver badge

    Your duty ...... as a member, freedom loving individual and grand master in the human race

    Does anyone calling for war deserve a bullet ..... in order to discourage others from similarly failing catastrophically and falling foul of madness and mayhem?

    Keeping things so simple easily prevents destructive confusion and stupid conflicts?

    1. Sir Runcible Spoon
      Joke

      Re: Your duty ...... as a member, freedom loving individual and grand master in the human race

      What if a whole country calls for a war?

      1. amanfromMars 1 Silver badge

        Re: Your duty ...... as a member, freedom loving individual and grand master in the human race

        What if a whole country calls for a war? ... Sir Runcible Spoon

        It is always only leading warmongers and the intellectually bankrupt that make such a call, Sir Runcible Spoon. Whole countries only pay the cost and carry the price for them. Both thus proven prime idiots easily led by crazed words.

  14. Grikath
    FAIL

    No US in there..

    Then again.... Blighty... does the Full Access Moon when it comes to the US and sensitive data, innit?

  15. Anonymous Coward
    Anonymous Coward

    'Super Orange Man' to the rescue!

    A few well directed and sarky Tweets and 'Kabloooie', no more reds under your beds.

  16. 22ten

    State sponsored or bedroom warrior?

    You have to admire the paranoia of these people that hacking must be state sponsored when the people who have been caught so far have been largely bedroom warriors... But I guess it's problematic to justify spending millions of taxpayers money otherwise!

    1. amanfromMars 1 Silver badge

      Re: State sponsored or bedroom warrior?

      ... But I guess it's problematic to justify spending millions of taxpayers money otherwise! ....22ten

      Howdy, 22ten,

      Did I not hear correctly that £2billion was the cost so far for the setting up of the UKGBNI National Cyber Security Centre. White elephants and unicorns are not as cheap as chips, you know.

      I quite like the idea of State sponsored bedroom warriors though :-) …… although only if one is not expected and contracted to follow a fools’ agenda, for that is problematical and unacceptable to all with the necessary mindset to excel at …. well, CyberIntelAIgent Security and Virtual Protection of Critical Assets and Strategic Goals is a Prime Class of any National/International/Internetional Security Infrastructure which be of quite natural and supernatural interest to others, given what monumental damage and catastrophic disruption can be so easily wrought with expertise in ITs Advanced Imaginative Fields.

      1. amanfromMars 1 Silver badge

        Re: State sponsored or bedroom warrior?

        Of course, fiat currency churn in the name of, and the end game of present virtual reality/Great GamesPlay.

        Or are you brainwashed into thinking/not thinking otherwise?

        You surely realise then you be as clay in the hands of master potters ☠

  17. tiggity Silver badge

    "Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets"

    Good luck to hackers seeking to find any coherent Foreign policy information given the headless chicken approach from gov on Brexit so far, best they will get is: Foreign policy means Foreign policy

    As for defence save themselves the effort, just look around for the most ludicrously over priced but not really fit for purpose kit you can find - that will be MOD wishlist based on recent purchase history

    1. Anonymous Coward
      Anonymous Coward

      I actually found some (real) defence foreign policy documents online, (not UK docs but allied nations),

      took me two weeks of emailing to get the attention of the relevant nation and get them moved. I think in the end I probably just phoned them up, it was a while ago.

      My accidental kali/metasploit hacking tool of choice then was a simple Google search. . .for some technical docs - not what I got. I doubt things have improved pen.wise in some countries, other than Google search being more partial, bubbly & flaky. I'd probably use yandex.ru today.

      Now, back to my cheap Solar and away from the old exciting neversec cybersquirrel stuff

  18. Sir Runcible Spoon
    Holmes

    Missing man in the middle?

    It isn't just a choice between 'bedroom warrior' and 'state actor', that's just framing. Corporations do (and I expect will continue to) hack as well.

    1. Anonymous Coward
      Anonymous Coward

      Re: Missing man in the middle?

      Yes, recently, any open-source fact posited on forums, that mentioned a certain horseless folk-wagon and their associated worldwide breathing/dementia linked "allegations" - was speedily rebutted online (almost as though they had subcontracted the B.N.D. multi-typewriter-warrior trolls to do this), allegedly etc

      What is it called when Corporations and "the State" become interchangeably interlinked, not much concerned with the actual population, old word, begins with "f". . .nope, escapes me?

      1. Sir Runcible Spoon
        Joke

        Re: Missing man in the middle?

        "begins with "f". . .nope, escapes me?"

        It doesn't rhyme with 'Hashish-jism' by any chance does it?

  19. mhenriday
    Boffin

    it's no doubt rude of me to point this out,

    but the article claims that of 188 «high-level» attacks suffered by Blighty in the last three months some came from Russia and China, respectively. It does not claim that «Russia and China bombard Blighty with 188 cyberattacks in 3 months», as in the headline....

    Henri

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon