The UK's Defence Academy suffered a cyberattack with “significant” impact in March 2021, a retired senior officer has revealed.
Speaking to Sky News (opens in new tab), Air Marshal Edward Stringer, who retired from the position several months later, claimed the attack was big enough to motivate the organization to speed up its plans on restructuring its entire network.
"The consequences for the operations were significant, but then manageable," Stringer said, adding that they were manageable only because the employees worked “incredibly hard” to find workarounds.
The usual suspects
IT staff had to "find back-up ways to use regular internet, etc, etc, to keep the courses going, which we managed to do - but not as slickly as previously, that would be fair."
While we don’t know exactly what happened, or if any malware was involved, he did say that the organization was forced to spend money on mitigation and repairs, rather than on something else. “And what could we be spending the money on that we've had to bring forward to rebuild the network? There are not bodies in the streets, but there's still been some damage done,” he added.
Relevant organizations investigated the incident, but the results were never made public. And while names have been thrown around, from “malicious organizations”, to the usual suspects - Russia, China, North Korea, or Iran, the truth is - “It could be any of those or it could just be someone trying to find a vulnerability for a ransomware attack”.
There is also the possibility that the Defence Academy was used as a stepping stone towards a more prominent target, but if that is the case - then the attackers failed. "No, I was quite confident... that there hadn't been any other breaches beyond the Defence Academy,” Stringer said.
The Defence Academy is located in Shrivenham, Oxfordshire, and educates British military officers. It is believed that it doesn’t hold any sensitive data on its endpoints (opens in new tab) or network.
- You might also want to check out our list of the best firewalls right now