The UK’s National Cyber Security Center (NCSC) sees demand for access to spyware, hackers for employment and other cyber capabilities such as hack kits as a service in a new assessment published on 19 April 2023. is expected to rise globally. , during the CYBERUK conference in Belfast.
According to reports, these hacking tools and services have so far been used in over 80 countries, targeting thousands of people each year.
“Some states have almost certainly used this irresponsibly to target journalists, human rights activists, dissidents, dissidents, and foreign government officials,” the report adds.
Another disturbing discovery is that these tools and services are more sophisticated than ever, and are now “on par with the capabilities of some state-affiliated Advanced Persistent Attack (APT) groups. “There is,” the NCSC estimates.
While they have already lowered the barriers to entry for state and non-state actors, the large financial rewards they allow could encourage state employees and contractors to become hackers for employment. , resulting in potential corporate espionage threats to organizations and individuals in all sectors.
As such, the NCSC predicts that hacking tools and services will “almost certainly grow over the next five years.” [and] The development of commercial capabilities is likely to diversify to meet demand, leading to more victims of cyberattacks across a wide range of industries and a more unpredictable threat landscape. ”
reach agreement on responsible behavior
Jonathon Ellison, NCSC’s Director of Resilience and Future Technologies, argued for not only the prevalence of these tools, but also their sophistication and diversity.
“Our new assessment highlights that not only is the threat bigger, but more hackers for hire are tasked with targeting a wider range of targets, and off-the-shelf products and exploits lower the barriers to entry for all. To keep cyberspace safe, it is critical that these functions are managed in a responsible, proportional and legally sound approach, and we are working with our international partners to , the UK is determined to meet this growing challenge,” he said in an official statement.
This report was at the center of a CYBERUK panel session titled “How Do We Want to End the Cyberproliferation Race?”, but was also echoed in the words of Oliver Dowden, Prime Minister of the Duchy of Lancaster, in his introductory CYBERUK speech. I was. In particular, he mentioned the solution Pegasus from Israeli company NSO Group.
Dowden said Pegasus is “one of the most advanced cyber tools and spyware that can cause serious damage to the digital world. We are responding,” he said.
He was referring to a joint statement released in March 2023 by stars from the UK and 10 other countries about their efforts to “combat the proliferation and exploitation of commercial spyware.”
Ellison explained this joint effort at CYBERUK: So we are working with our partners to build a global consensus on what we define as responsible behavior when it comes to using spyware,” he said.
However, Ellison and other NCSC representatives acknowledged that the joint statement was just the beginning and that “much work remains to be done to provide a joint and comprehensive response.”
