Their names might sound harmless but the cyber threat is very real

Their names might sound harmless but the cyber threat is very real

As names, they seem innocuous enough. Sandworm Team, Telebots, Voodoo Bear and Iron Viking could have come from a harmless video game or children’s TV programme. In fact, they are the labels used by a group of Russian military intelligence-backed hackers whose destructive malware attacked critical infrastructure, national elections, the Olympics, and poisoning investigations. Indicted by the FBI in 2020, the notorious group of GRU officers appears to be busy at work again, targeting power stations in Ukraine this month.

It is a reminder that cyber risks are a fact of life in this digital age. In our home county of Yorkshire, Safestyle, the UK’s largest double-glazing installer, had to issue a profit warning earlier this year after falling foul to a highly sophisticated cyber-attack that appeared to emanate from Russia. The heightened threat environment means that businesses and households alike should be alert to the growing risks: the UK data watchdog recorded 1,345 cyber-security incidents in the second half of 2021, an increase of 20 per cent on the same period in 2019.

According to the Government’s Cyber Security Breaches Survey 2022, 39 per cent of businesses identified a cyber-attack in the last 12 months and 31 per cent of these estimated they were attacked at least once a week. The most common type of attack reported was phishing – when attackers try to trick users into clicking a bad link that will download malware or direct them to a suspect website. One in five respondents said they had received more sophisticated attacks such as ransomware or denial of service.

WFH might seem safe, but the Five Eyes alliance of western intelligence agencies has warned that working from home increases the risk of cyber-attacks and is one of the top ways that hackers could gain access to private information. Steve Barclay, the UK minister responsible for cyber security, told the Telegraph: “Cyber-attacks recognise no physical or geographical boundary, and it has never been more important to plan and invest in cyber resilience.”

Cyber security can appear daunting to a small business owner, but it needn’t be. The National Cyber Security Centre have produced a simple five-step guide to help small businesses save time and money. Owner-managers should back up their data, put in place protection from malware such as anti-virus software, keep their smartphones safe and secure, use passwords to safeguard data and take steps to avoid phishing attacks.  

The latest alert from the Five Eyes alliance identified threat groups with names such as Berserk Bear, Iron Twilight and Mummy Spider and said Russia’s invasion of Ukraine could expose organisations both within and beyond the region to increased malicious cyber activity. The names might sound harmless, but the underlying risk is very real.