-
An alleged pro-Russian cybercrime organization (Unit 21) is threatening to attack the UK’s cyberspace infrastructure, claiming that it can disable it at 21:00 local time tonight.
-
Six months of hacked accessm according to Unit 21’s statement, they have hacked UK government servers, power grids, and financial systems for the past six months, mapping the weak points in these infrastructures and researching their emergency response procedures.
-
Demonstration of ongoing Russian cyber hostilities, the recent attacks have formed the basis for establishing the legitimacy of this threat. According to FBI and NCSC sources, GRU-related hackers from Russia have hacked thousands of routers globally and compromised sensitive information.
A group of computer hackers, known as Unit 21, operating out of Russia, has issued a warning to the United Kingdom announcing an imminent cyberattack on its economy. The cyber assault will commence at nine o’clock this evening, targeting the computer network infrastructure of the United Kingdom – resulting in black screens and zero balance in bank accounts for the citizens of the United Kingdom upon waking tomorrow morning.
The post states that the cyberattacks will be in retaliation for the United Kingdom’s support of Israel in its current war with the Gaza Strip and that the hacking group has gained entry to U.K. networks by conducting reconnaissance over the last six months, identifying weaknesses and researching emergency protocols.
According to Unit 21 hackers, they will conduct cyberattack anonymously, making it impossible to trace back to the hacking group. This announcement from Unit 21 is the latest in a string of warnings and concerns that government intelligence agencies raised regarding cyber threats to the United Kingdom from Russian-affiliated hacking groups.
For a number of years, the National Cyber Security Center (NCSC) has monitored the activities of Russian-affiliated hacking groups as part of the UK’s efforts to protect itself from cyber threats. Security experts across the security industry have advised the public and organizations to be on their guard.
Hackers Claim They Mapped UK Weaknesses for Months
Unit 21’s message carries a detailed claim of prior access. The group says it has been inside UK government servers, power grids, and financial systems for half a year. The hackers also claim to know backup frequencies and private communications of ministers.
The group’s message takes a menacing tone. The hackers say they want to paralyse the country, not kill anyone. They believe fear will make British citizens question their leaders. Unit 21 demands that the UK stop funding what they call “terror” in Israel, or else they will shut down the country piece by piece.
The FBI has previously warned about Russian hacking groups using routers to steal sensitive information from governments and military organizations worldwide. This suggests that claims of long-term network access are not impossible, even if this specific threat requires verification.
Mobile devices are also a prime target, researchers have uncovered a ‘DarkSword’ iOS exploit designed to steal credentials and cryptocurrency wallet data, proving that attackers target every possible entry point, from home routers to iPhones.
Recent Russian Cyber Attacks Support Credibility of Warning
The Unit 21 threat is not completely new information. Last week, Radio Free Europe/Radio Liberty published an article on one of the major Russian hacking groups, sponsored by the GRU (Russia’s military intelligence agency) – they infiltrated thousands of internet routers in homes and offices across the globe. Those Russian hackers were able to monitor email communications and extract passwords for several months.
The FBI confirmed this activity. In a recent interview, Brett Leatherman, Deputy Assistant Director of the Cyber Division of the FBI, cited examples of Russian hacking activities involving the compromise of routers located in the US and worldwide in the process of collecting intelligence.
The hacking group previously gained unauthorized access to computers belonging the Democratic Party during the 2016 presidential election in the United States. US authorities later charged 12 GRU officers for those intrusions.
UK Authorities and Public Should Take Practical Steps
Authorities in the UK need to take concrete actions to get ready for the current threat situation. The nature of the 9pm threat has not been revealed, but according to the NCSC, everyone must ensure they do not ignore online security matters. The NCSC is the UK’s Technical Lead in cyber security and assists businesses and the public with secure online services.
One of the NCSC’s key recommendations is that anyone using a modern device should regularly keep their devices up-to-date. In addition, when securing the network, all defenders should ensure that they change all of the default usernames and passwords on their routers. They should disable remote management links from the Internet on their routers to further prevent unauthorized access to their network.
Also, anyone accessing secure information (e.g., banking) should always stay aware of certificate warning messages returned to them by their web browser or email client as this could indicate an unauthorized or compromised connection.
The NCSC encourages organizations to be knowledgeable about various Russian hacking methods as well as to review the mitigation strategies the agency recommended on its website. Additionally, individuals who may have experienced a potential compromise of their bank account should immediately contact their bank and check their statement for any unusual transactions.
The full extent to which Unit 21’s announced attack will impact the UK’s national security interests remains unknown; however, this warning is part of a long history of Russian cyber aggression against the United Kingdom and its allies. In the future, the NCSC and its international partners will continue to publicly identify Russian malicious cyber activity while helping to provide practical assistance to protect networks.
