.png)
The Undeclared War is new drama series about a widespread hack on the UK’s computer networks. Here’s what experts say could really happen.
A grim-faced Prime Minister walks to a podium and delivers a sombre message to the British public that their lives are about to be disrupted in the most dramatic and fundamental way. This may sound like one of Boris Johnson’s televised addresses during the Covid pandemic, but it is in fact a scene from a new Channel 4 drama, The Undeclared War, about another potentially devastating threat from an unseen force: a major cyber attack that could bring the nation to a standstill.
The six-part series, directed by Peter Kosminsky and starring Adrian Lester as the Prime Minister, Simon Pegg as head of GCHQ and Hannah Khalique-Brown as an intelligence officer, is the result of five years of extensive research about what could happen in the event of a widespread hack on computer networks affecting government, the NHS, national infrastructure and banks. In fact, there are many comparisons with the Covid pandemic, and not only due to the viral nature of malware.
While the impact of a major cyber attack may stretch out for more than two years or more, as it did with Covid, experts warn there are gaps in the emergency planning by world governments to deal with such a crisis, just as they were underprepared for the pandemic. Planning for a viral pandemic was always about a worst case scenario that ministers, public health officials and scientists hoped would never happen – and so it is with a cyber attack.
But experts believe governments, businesses and the public need to take the threat, which may seem abstract, more seriously. They hope The Undeclared War, set in the very near future, will bring it to life. The ongoing reality of war in Ukraine, which has fuelled high inflation and food and energy insecurity, brings an added dimension to fears of a major cyber attack.
The worst case scenario is so much more than a website going offline for a few hours, but critical national infrastructure (CNI) such as water reservoirs, gas and oil pipelines and refineries, the NHS, supermarkets and transport networks being disrupted, with the aftermath lasting several days as the public panics to stock up on dwindling supplies and hospitals cannot operate on patients or conduct MRI scans.
Last year, an attack on a local reservoir, supplying drinking water to 15,000 people in Florida, sent shockwaves through governments around the world. Hackers intercepted drinking water supplies in the city of Oldsmar by remotely logging into an account at an underground reservoir facility and increasing the levels of caustic soda used to treat the water to dangerous levels, from a safe 100 parts per million to 11,100 parts per million – a potency which could have caused vomiting, abdominal pain and potentially intestinal damage.
Fortunately, a worker spotted what was happening live on-screen and intervened, but the fact that hackers were able to break in, remotely, to a physical and crucial part of state infrastructure showed vulnerabilities in the system. Some months later, the Colonial Pipeline, which carries nearly half the US east coast’s fuel supplies, was disrupted by a cyber attack in a similar way.
The Undeclared War imagines a British Prime Minister grappling with an unprecedented cyber attack – but how prepared is the UK Government in real life?
One of the most serious hacks on UK infrastructure was the WannaCry ransomware attack in 2017, which locked out 200,000 computers across the world, with error messages demanding payment in Bitcoin.
The NHS was severely affected by this attack, losing £92m in services and IT costs, while 19,000 appointments were cancelled in the week following the hack and 80 hospital trusts were disrupted. The Department of Health has since built up its defences, with a dedicated Cyber Security Operations Centre providing local and national network monitoring, incident response and threat intelligence.
Concerned about your company's Cyber Security? Book a Cyber Security Audit (CTA)
Incredibly, the CSOC blocks around 21 million items of malicious activity every single month – the figure is so high due to the automated nature of malware emails – and has, since 2018, prevented at least 5 WannaCry-style attacks.
Earlier this year, the NHS carried out a “tabletop” wargaming rehearsal of a major nationwide cyber attack, codenamed Exercise Denim, and will repeat this later this year.
But cyber experts warn that the NHS, and other UK Government departments, organisations and infrastructure bodies, are still under-prepared.
The “five eyes” group of intelligence-sharing between the UK, US, Canada, Australia and New Zealand was created to focus on preventing physical war but this has now extended to tackling cyber war, Mr Mahdi said. The “bad actors” are typically hostile states, such as Russia, Iran and North Korea, as well as underground hacking groups or “families” that often work hand in hand with those countries.
The motives are usually money – using ransomware to hold computer systems hostage – but in the case of a hostile government, it is a form of war – as the name of the Channel 4 series highlights.
This article is abridged and originally appeared in iNews.