A serious cyber attack on Britain is “a matter of when, not if”, a top spy chief warned on Sunday.
Ciaran Martin, the head of GCHQ's cyber defence unit, told The Telegraph newspaper that it is not possible for Britain's security services to offer "absolute protection" against Russian hackers.
Instead, their focus is on combatting attacks that would “most impact on our way of life” rather than trying to stop every single breach.
It is believed that senior officials from internet, transportation and utility firms, as well as from the National Health Service, have attended intelligence briefings at the National Cyber Security Centre on the various ways in which Moscow might be targeting the UK’s infrastructure in the wake of the poisoning of former spy Sergei Skripal in southern England last month.
Mr Martin, who heads the NCSC, confirmed that GCHQ is on “heightened alert” for “follow-up activity” after the Salisbury attack, which the British government blamed on Russia.
“Turning off the lights and the power supply by cyber attack is harder than Hollywood films sometimes make out,” he said. “But we’ve seen enough malicious cyber attacks across the world, including against UK health services by a North Korean group last year, to know how services can be disrupted.”
Mr Martin said that complete protection is “neither possible nor desirable”. The priority is on having “more resilience in the systems we care about the most”, such as the country’s internet and transport networks, power and water supplies and the National Health Service.
“We have said that it is a matter of when, not if, the UK faces a serious cyber attack. So last week we presented detailed plans to Government departments about the priority areas where the NCSC will work with them, industry and law enforcement to improve the cyber resilience of the most important systems.”
It is understood that the NCSC has written to the government laying out urgent steps for civil servants to take, in order to protect Whitehall from cyber attacks.
According to The Telegraph, the advice included basic preventative measures as well as more specific, technical precautions to be undertaken by departments.
The warnings from Mr Martin are just the latest by the US and the UK about Russian cyber activity, as tensions continue to ratchet up following the air strikes on Syria.
Last week, British and US intelligence services issued a joint statement warning that the Kremlin is involved in “malicious cyber activity” by using malware to try to steal intellectual property, carry out espionage and prepare for future offensive operations.
The main targets include "government and private-sector organisations", as well as providers of critical infrastructure and internet service providers, they said.
Russia dismissed the warnings as “groundless”. “We don’t know what these new accusations are based on,” said President Vladimir Putin’s spokesman Dmitry Peskov.
The US and the UK have also directly blamed Russia for launching cyber offensives in the past, including election meddling and the "NotPetya" cyber attack in Ukraine, which left 200,000 people without power. Last week, Britain said that the NCSC responded to 49 incidents linked to Russian cyber groups in the last six months.
Australia also said last week that up to 400 businesses had been targeted by suspected Russian state-sponsored cyber attacks in 2017 but that there was no evidence of significant exploitation.