UK government departments and major retailers are being targeted by a highly sophisticated cybercrime group known as Silver Dragon, which experts believe is financed by the Chinese government. The group, which has already attacked firms in Europe and Asia, sends convincing phishing emails to install ransomware and demand large sums of money.
Graeme Stewart of cybersecurity firm Checkpoint Research, which is monitoring the group, warned that an attack in the UK is “inevitable.” He described Silver Dragon as an “advanced and persistent threat” and urged organisations to stay vigilant. “It's an arms race – these groups are getting more clever, so we need to get more clever,” he said.
While there is no evidence that Silver Dragon has successfully breached UK targets, the group has attempted to infiltrate government departments and retailers. Many organisations use software to block suspicious emails, but Stewart stressed the importance of up-to-date defences and staff training, comparing cybersecurity to health and safety.
The warning comes as the government’s cyber security breach survey revealed that over 43 per cent of UK businesses experienced a cyber breach or attack in the past year. Phishing emails, like those used by Silver Dragon, were identified as the most common threat.
Recent cyber attacks have caused significant disruption in the UK. Last week, half a million participants in the UK Biobank project had their health data put up for sale on Chinese-owned site Alibaba. Hackers also allegedly stole confidential files from the Foreign Office, while the Electoral Commission and Ministry of Defence payroll department have been targeted. Retailers including M&S, the Co-Op, Harrods and Dior have also been hit, with M&S reportedly losing over £300 million.
Richard Horne, CEO of the National Cyber Security Centre, speaking at the CYBERUK conference, emphasised that ransomware remains the most prevalent threat and urged organisations to embed cybersecurity into their core operations and implement layered defences.
