No 10 Chief of Staff and Chancellor of the Duchy of Lancaster, Steve Barclay, has urged the Government and businesses to “act as one” to protect the UK from Russian cyber attacks.
In a comment piece for The Times co-authored with the director-general of the Confederation of British Industry (CBI) Tony Danker, Barclay warned of a “heightened risk of hostile cyber activity” coming from Russian hackers.
“In the last year, two in five UK businesses were subject to some form of cyber-attack or attempted breach. If the UK is to be protected, Government and business must act as one,” Barclay and Danker wrote in the piece.
This includes increased cooperation among businesses as well as elevating cyber security to “a core boardroom responsibility”, treating it as “an equal threat to financial and other risks”.
“Cyber criminals thrive on the unwillingness of companies to share their experiences,” said Barclay and Danker, who urged organisations to “stress test” the cyber security of their entire supply chain. This is to avoid consequences similar to those experienced by Colonial Pipeline in May 2021, when the natural gas facility was shut down for days after being hacked by members of the Russian-based DarkSide group.
Heads of the UK’s airports, power plants, and largest banks are expected to meet later on Wednesday to “examine, challenge and support preparations against cyber threats”, while the Government is set to appoint senior business expertise to its National Cyber Advisory Board.
Ransomware and Microsoft 365 for business
What you need to know about reducing ransomware risk
Established in December 2021 as part of the UK’s £2.6 billion National Cyber Strategy, the National Cyber Advisory Board brings together the private sector’s senior leaders to “challenge, support and inform the Government’s approach to cyber” with the aim to strengthen the collaboration between the UK’s public and private sectors.
Barclay and Danker’s advice comes days after the National Cyber Security Centre (NCSC) warned that high-profile and critical infrastructure companies, as well as organisations aiding Ukraine or criticising the Russian government, are at the highest risk of being compromised by Russian threat actors.
The NCSC urged businesses to avoid using Russian tech providers, with Kaspersky being the only company named in the latest guidance. The antivirus company was also declared a threat to US national security and added to the FCC’s List of Equipment and Services Covered By Section 2 of the Secure Networks Act.
