Pierluigi Paganini November 25, 2024

A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine.

Russia may launch cyberattacks against the UK and its allies in retaliation for their support of Ukraine, Chancellor of the Duchy of Lancaster Pat McFadden is expected to state during a NATO meeting.

Chancellor of the Duchy of Lancaster Pat McFadden is also responsible for National security, resilience, and civil contingencies.

According to the BBC, he believes that Russia is conducting a “hidden war” against the UK and its allies.

He is expected to warn about the activity conducted by Russia’s GRU Unit 29155, which the UK government accuses of conducting several attacks across the UK and Europe.

“In a speech to the NATO Cyber Defence Conference at Lancaster House in London, the cabinet minister will warn “cyber war can be destabilising and debilitating” and describe the Kremlin as “exceptionally aggressive and reckless” in this area.” reported BBC.

McFadden will warn of Russia’s cyber capabilities that can target critical infrastructure, such as power grids, causing severe damage. Russia’s state-sponsored hackers can “turn the lights off for millions of people” with a cyber attack. McFadden believes that Russia-linked actors can also target British businesses to carry out malicious activities.

“Given the scale of that hostility, my message to members today is clear: no-one should underestimate the Russian cyber threat to NATO. The threat is real,” he will tell representatives of the NATO countries.

He will allege that Russian state-aligned hacking groups have executed at least nine cyberattacks against NATO nations, targeting critical infrastructure. McFadden will also warn of cyber attacks carried out by “unofficial hacktivists” linked to the Russian government.

In September 2024, the FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. These operations include espionage, sabotage, and reputational damage. The United States and its allies state that GRU is behind global critical infrastructure attacks.

Starting January 13, 2022, the group employed the WhisperGate wiper in attacks against Ukrainian organizations. The government expert pointed out that Unit 29155 operates independently from other GRU-affiliated groups like Unit 26165 and Unit 74455.

Russia’s GRU Unit 29155 is also responsible for attempted coups, influence operations, and assassination attempts across Europe. Since 2020, the unit has expanded into offensive cyber operations aimed at espionage, reputational harm, and data destruction. The FBI believes the unit’s cyber actors are junior GRU officers gaining experience under senior leadership. They also rely on non-GRU actors, including cybercriminals, to carry out their operations.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, NATO)