SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image

UK warned of cyber threats from China-backed Volt Typhoon

Wed, 20th Nov 2024

The UK is at risk from cyberattacks on its critical infrastructure allegedly orchestrated by the People's Republic of China (PRC), according to Certes, a cybersecurity firm.

Certes has voiced concerns that the UK is not adequately prepared to handle sophisticated cyber threats, particularly those posed by a group known as Volt Typhoon, which has come under scrutiny by US intelligence agencies, including the FBI.

The group is reported to target crucial systems, leaving infrastructure such as energy grids and healthcare services susceptible to attacks. Though the scope of these activities is more extensively documented in the United States, experts caution that the UK may be equally at risk.

The interconnected nature of UK networks makes them appealing targets for cyber espionage or sabotage, according to the report. Public services, including the NHS and public transport systems, which heavily depend on digital infrastructure, may be particularly vulnerable due to existing weaknesses.

There is concern that beyond impacting public services, cyber incidents like those initiated by Volt Typhoon could significantly disrupt the economy, daily life, and potentially threaten national security. The UK's international alliances, especially with nations like the US and within NATO, could also mean it faces increased risk in the global arena.

Certes suggests that the UK needs a strategic shift in handling cybersecurity threats. The firm recommends transitioning from traditional defensive methods to a more proactive stance, centred on what it calls Data Protection and Risk Mitigation (DPRM). This approach prioritises securing the data itself rather than merely shielding the surrounding systems.

Simon Pamplin, Chief Technology Officer of Certes, expressed, "Volt Typhoon is a wake-up call for the UK. We rely on digital systems for the NHS, transport, and energy, yet these networks are not prepared to handle the evolving threats posed by state-sponsored attackers. The consequences of ignoring these threats could be disastrous."

He further added, "We can't rely on hope as a strategy. The threat from state-sponsored groups like Volt Typhoon is not going away. The UK needs to take action now and rethink how we protect our most vital services. Our zero-trust model ensures that even if attackers breach the system, they won't be able to access or use the data they're after."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X