Former Cybersecurity Boss Warns UK Not Heeding China Threat

The former and founding head of the National Cyber Security Centre (NCSC), Ciaran Martin, has said the recent US warning that China is targeting key infrastructure should be taken more seriously.

Ciaran Martin was speaking to the Guardian at the DTX conference at Manchester Tech Week, when he said that disruption of civilian infrastructure should be a red line, and warned that Chinese hackers are following Russian examples and are pre-positioning themselves into critical infrastructure ahead of launching a possible attack.

Earlier this month Chinese hackers had been blamed for a hack of third party supplier to the MoD, which exposed approximately 270,000 payroll records of nearly all current and former members of Britain’s armed forces (including reservists and at least one MP).

Critical infrastructure

Speaking to the Guardian, Martin cited an earlier US warning that Chinese state-backed hackers targeting key sectors was a pivotal moment in Beijing’s approach to cyberwarfare.

“The UK has not paid enough attention to a gamechanging warning from the US that China is planning disruption to key critical infrastructure,” Martin was quoted as saying.

He reportedly said there should be more focus on the threat across the public and private sectors and “swaths of civil society”.

Martin reportedly said the government should make clear in its public messaging to China that the threat of disruption to key infrastructure was unacceptable.

“We should be clear where our red lines are and disruption of civilian infrastructure should be a red line,” he reportedly said.

Moscow tactics

Martin also reportedly stated China had no history of disruptive cyber-operations, unlike Russia, but was now moving to Moscow-style tactics. “They’re preparing to be like Russia,” he was quoted as saying.

Christopher Wray, the director of the FBI, had warned in April that Chinese state-backed hackers had infiltrated key US infrastructure and were waiting for “just the right moment to deal a devastating blow”.

It comes after the heads of the Five Eyes intelligence agencies came together last October to accuse China of intellectual property theft and using AI for hacking.

Pre-positioning moves

The warning from the FBI’s Wray said a group known as Volt Typhoon had burrowed into American companies in the telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted. The tactic is known as “pre-positioning”.

The idea is that foreign hackers infiltrate Western critical infrastructure, so they can launch an attack in an effort to induce panic among the civilian population.

Ciaran Martin pointed to the disruption caused by infrastructure attacks at the British Library, which had been severely affected by a ransomware attack. “What if we had 100 British Library attacks all at once,” Martin was quoted by the Guardian as saying.

Making further comments at a keynote speech at DTX, Martin reportedly said the disruption from cyber-attacks on critical infrastructure “probably wouldn’t directly kill anybody but it would hurt”.

In March the UK had confirmed that Beijing-backed hackers were responsible for a cyber-attack targeting the UK elections watchdog and a surveillance operation on British politicians.

Ciaran Martin also welcomed a report by the tech website The Record that the UK government was considering making reporting of ransomware attacks mandatory and requiring victims to seek a licence before making ransom payments.

“I am really glad they are taking it so seriously,” he reportedly said.