THE vast majority of the cyber attacks that struck Jersey in 2023 originated from Russia, according to the Island’s cyber security chief.
Jersey Cyber Security Centre director Matt Palmer said that more than 80% of the digital attacks tackled last year stemmed from Russian criminal organisations “or their affiliates”.
Mr Palmer warned against complacency and said that “consistent, advanced attacks from that part of the world” have become a threat the Island is “going to have to live with and respond to”.
He encouraged businesses to bolster their digital defences through a “Cyber Essentials” certification, which can now be achieved through four local providers.
At the end of 2022, Mr Palmer warned that Jersey had been included on a list of “unfriendly” jurisdictions published by the Kremlin, which he said would be seen as a “target list” for cyber-crime groups aligned with the Russian state.
Reflecting on 2023, he said that “Russian-originating attacks” had been a “consistent theme”, although he acknowledged that it was difficult to determine whether they came from state-backed groups or other criminal organisations.
Attacks could take different forms, said Mr Palmer, such as compromising a company’s emails or other systems to extract data, cause disruption or even commit fraud.
“Of course, the other dynamic that you have here is the difficulty of attributing something to a group, understanding who the attacker is and, therefore, whether they are subject to sanctions and so on.
“I would definitely say that 80% plus of the incidents that we get involved with that are due to a cyber attack are due to a Russian-originating organisation or affiliates.
“We probably hear of or deal with about one instance every week.”
He added: “Consistent, advanced cyber attacks from that part of the world, from Russian threat actors, are a simple fact of life now. One that we are going to have to learn to live with and respond to.”
Mr Palmer noted that Jersey and Guernsey recently carried out their first “pan-island cyber-incident response exercise”.
“The idea was to simulate an attack that impacted both islands, then work through how we would respond to that given the differences between the islands but also the similarities in terms if infrastructure, the threats, the scale and so on.
“I won’t go into the details of the scenarios because we don’t want to give people ideas, but what we do is look at the threats that are realistic and are impacting similar organisations elsewhere in the world.”
Mr Palmer said that, despite the Island’s size, it could quickly be “brought into wider geopolitical disputes”.
“We can’t assume we are safe,” he said. “It is the case that we are less likely to be consciously targeted and more likely that we might be picked up as part of a wider range of attacks – either way, the threat is a real one.”
He added that the JCSC had just achieved accredited status within a European network of cyber defence organisations.
“I am very pleased we have been able to do that. It is a big step forward and it opens doors for us, in terms of engaging nationally on how we can effectively defend the Island.”
– The four local “Cyber Essentials” certification providers are Resolution IT, Prosperity 24/7, CyberTec Security and Clarity.
