US and UK government agencies are under threat from one of the most sophisticated hacking offensives in recent years, according to US and British sources. The hacking programme has been identified as originating from Russia.
However, the Russian foreign ministry made a statement that the allegations about Russia’s internet sabotage were “another unfounded attempt by the US media to blame Russia for cyberattacks against US agencies.”
The hack comes at a crucial time in US politics, as Joe Biden is preparing to take office as the 46th president, but it also comes at a sensitive turning point for Britain’s security and defence services as the UK negotiates its trade deal with the EU, which is due to come into effect on January 1.
FireEye, a major cyber security contractor to the US government, revealed last week that it had been hacked and that a number of its own ‘red team’ hacking tools, which are used to provide security to the IT systems of its clients, had been stolen. This week FireEye has told clients, including major US federal departments, that they should uncouple their systems based on the popular SolarWinds Orion system management platform.
SolarWinds has reported that some 18,000 of its 300,000 customers may have been hit. It is feared that the system has been corrupted in the US Homeland Defence, the State Department, the US Treasury and the Pentagon.
On Tuesday the UK’s National Cyber Security Centre (NCSC) also issued a warning on its website that “SolarWinds Orion, the IT management platform, has been compromised and may be used for onward attacks against systems connected to the product”.
The official spokesman for the NCSC gave no further details about the attack. “It is ongoing, so I cannot say more,” he said. “I cannot comment about its effects.” Repeated calls to various sources connected with the NCSC and the new Cyber Force offered little clarification. It is understood that FireEye had signed an £865,500 cyber security deal with the UK Ministry of Defence for one year, according to the Daily Telegraph, just days before the company announced it had been hacked and its security tools stolen.
On Tuesday last week, FireEye US stated that “a nation with top-tier offensive capabilities” had stolen its bespoke digital hacking software. There are reports that the hack has penetrated the Medical and Healthcare products Regulatory Authority in the UK and some hospital trusts, although these are unconfirmed by the Cyber Security Centre. Health regulators have been targeted in the USA, and data about the Covid-19 vaccines acquired.
This latest hack is being compared in scale and novelty to the Stuxnet worm pioneered by the US and Israel, and first revealed in 2011, which took out at least a fifth of the computers working for the Iranian nuclear programme, especially those at the main centrifuge centre at Natanz. The worm, in various forms and developments, is still extant, and lethal.
Britain was among some thirty countries affected by the WannaCry malware discovered in May 2017. Believed to originate from North Korea, it counted 43 National Health Trusts among its targets. It managed to penetrate their dated software and, in a few days, cancelled 19,000 appointments and operations.
The timing of the FireEye and SolarWinds Orion breaches is embarrassing, as it comes within weeks of Prime Minister Boris Johnson announcing the UK’s 3,000-strong new Cyber Force, a command shared between the intelligence services and the armed services.
On Monday the head of General Communications HQ in Cheltenham, which has charge over UK and US signals intelligence and surveillance, with part responsibility for the new Cyber Force, told a webinar conference at Chatham House that the FireEye crisis was “very serious.” Jeremy Fleming said he could not, or would not, go further, because much was still unknown and many details could not be revealed for state security reasons. He would not elaborate on the range and number of personal, company and agency users of the system that had been affected and compromised.
The storm over FireEye has come as major decisions have to be taken about Britain’s defence, intelligence, cyber and space funding and capability. Last month the Prime Minister Boris Johnson announced an extra £16 billion for defence spending over what had already been budgeted, over the next three to four years.
At first it looked as if the settlement of the budget was generous – no other major spending ministry has been offered a multi-year settlement because of Covid. But it means budgeting is to be extremely tight at the MoD – a projected deficit of £13 billion has to be plugged meanwhile – and a further round of cuts in British defence capabilities is on the way. Already the services have been told to cut £1 billion from their planned programmes for the next year. Amongst other things, it has meant a severe chop in funding for Navy and Army reserves. “That means they are about to lose some valuable reservists – who man fishery protection for example – and once they’ve left they won’t come back,” says Francis Tusa of Defence Analysis, himself a veteran reservist.
The government is due to announce its defence equipment programme and budget by the end of this week. But it won’t do it before the Defence Secretary Ben Wallace issues the policy document on the shape and capability of the armed forces for the coming years. These two papers are supposed to work in conjunction with the much broader Integrated Review on UK defence, security, aid, trade and foreign policy in the round. Due out last month under the guidance of the former Downing Street policy adviser Dominic Cummings, the IR is not now expected until February at the earliest, but more likely later – if at all, according to some cynics in Whitehall.
As the new policies, papers and budgets are being prepared, officials, service directors and commanders are not only wrestling with the challenges and deficiencies in the cyber domain, underscored by the ongoing FireEye and SolarWinds Orion hacks. There is also a major challenge revealed by the revolution in ground combat thrown up by the use of drones, surveillance platforms, and remote controlled munitions in the fighting over Nagorno-Karabakh in South Caucasus last month.
The Azeris bested the Armenians, who were using older Russian drones and munitions, by the orchestration of cheap Turkish drones, or Unmanned Aerial Vehicles, with a suite of innovative Israeli drones and munitions, supplied to Azerbaijan throughout the summer.
In a discussion last week Ben Wallace, the Defence Secretary, said that the UK Army had nothing like the highly effective, relatively cheap (costing around $5 million each) Turkish Bayraktar TB2 armed drone. This can’t be a surprise. The TB2 has been around since 2009 and has been effective in combat in Syria and Kurdistan, and especially in Libya this summer. In Nagorno-Karabakh, it was the use of the Turkish drones with some innovative and experimental Israeli drones, guided munitions and cruise missiles. The British Army has nothing like this for tactical offence and defence in the ground battle. “Some British Army units would be hard put to survive a day against the weapons used in Nagorno-Karabakh,” Francis Tusa observes.
The Azeri method of attack seems to have taken Russia by surprise. Moscow now realises it has a major regional rival across the Caucasus and western Asia in Turkey. It has had to share peacekeeping duties with Turkey in Nagorno-Karabakh, reluctantly putting in its own ceasefire control force of 2,000 troops. This puts more pressure on Vladimir Putin, in yet another confrontation he does not like or want, along with Ukraine, Belarus, and Moldova.
Perhaps the FireEye and SolarWinds gambit is a diversion from Russia’s woes from the newly unfrozen conflicts round its neighbourhood, compounded by Putin’s personal setback from the ever-worsening spread of Covid. It is interesting that the Russian foreign ministry put out its denial on Facebook. Only this week it has been revealed in Israel that Facebook bought an Israeli firm, Onavo, to help ‘destroy’ competition, according to the national daily Haaretz. Onavo was set up by two veterans of the cutting-edge Israeli Cyber Intelligence Unit 8200. Onavo can spot, surveil and if necessary ‘neutralise’ rival apps to Facebook’s own services and platforms like WhatsApp.
As the UK’s new cyber agencies are having to learn very fast, in cyberworld what goes around comes around, and often with shock and awe.