Cyber Attacks: Biggest Emerging Threat?
London, UK - 18th October 2010, 23:00 GMT
Dear ATCA Open & Philanthropia Friends
[Please note that the views presented by individual contributors are not necessarily representative of the views of ATCA, which is neutral. ATCA conducts collective Socratic dialogue on global opportunities and threats.]
Asymmetric attacks on computer networks are amongst the biggest emerging threats to the UK, the government has said in its new National Security Strategy (NSS): "A Strong Britain in An Age of Uncertainty." There will be an extra GBP 500 million to bolster cyber security, focused on protecting key infrastructure and defence assets. Senior government officials have said that this new cyber programme will be defensive not offensive, but it is difficult to envisage Her Majesty's government will not seek to have the capability to counter digital attacks, should the situation require it.
Remote Cyber Attack
In the foreword to the NSS document -- just released to the British Parliament -- prime minister David Cameron and the deputy prime minister Nick Clegg argue that the UK needs to think completely differently about the type of threats it faces. "We are entering an age of uncertainty," they write. "This strategy is about gearing Britain up for this new age... weighing up the threats we face and preparing to deal with them... as a government we have inherited a defence and security structure that is woefully unsuitable for the world we live in today... we are determined to learn from those mistakes and make the changes needed."
Last week Ian Lobban, the head of GCHQ, the Cheltenham based intelligence centre, warned of the very real danger of cyber terrorism which could target Britain's critical infrastructure including electricity and computer networks. This could lead to blackouts where household appliances, phones, computers, water networks and transport systems were brought to a halt. Cyber-attacks are now in the top tier of threats to Britain, conventional war only in third tier of danger. Given that these 21st century enemies cannot be fought by conventional military methods, it means thousands of troops are likely to be axed by the government in the near future.
Quantifying A Cyber Attack
Although the mi2g Intelligence Unit has been examining the anatomy of cyber attacks since 1995, it can be difficult to quantify their impact. Cyber extremism is as big an asymmetric threat as any other but in a slightly more insidious way. It's not a bomb going off in the street or underground, it is a much more camouflaged threat. The digital attack victim does not usually know who is attacking them and both the public and private sectors are losing intellectual property on a regular basis. So the threat is not to human lives but the damage is more fundamental to the national economy. Until a cyber attack actually happens it is difficult to monetise the threat, but it is encouraging to see the UK government taking it seriously before something dramatic does happen. Clear acts of cyber terrorism are fairly rare, either from extremist movements or fringe groups, but cyber attacks on the whole are becoming prominent and increasing on a daily basis. There is quite a lot of variety in these digital attacks. They can be as simple as a malicious software downloaded from an email, but they can also include distributed denial of service attacks, whereby a network server or website is overloaded with traffic until it crashes. Another key area of concern is industrial or nation-targeted espionage or theft of intellectual property.
The Iran Stuxnet cyber attack has been on most security radar screens recently. This worm, manifest in Iran, targeted very specific industrial areas and was directed at one or two nuclear facilities. It shows us the reality is getting closer to what has been theoretically possible for many years. It is particularly concerning for governments and companies because the systems used are very commonly deployed worldwide. Oil and gas refineries, power plants, even traffic control systems can all be targeted. So each command and control system is unique, but what concerns governments is the Iran worm and its use for sabotage. It shows that this type of complex digital attack can spread swiftly. The UK may or may not be a target of a full blown cyber attack, but the government is now realising it needs to at least account for the possibility of such a threat in its future risk strategies and defence programme.
Who Are The Attackers?
Primarily the digital attackers are likely to be from trans-national organised crime syndicates or teams of sophisticated hackers representing a particular cause such as vigilantes. Note the ATCA briefings: "Robin Hood Digital Wars: Is This Only The Start?" and "China's Cold Cyberwar: Rise of 5th-Dimension Red Army and Economic Pearl Harbour?" There are also strong suspicions of threats coming from other nation states engaged in espionage. There appears to be less of a threat from well known terror groups. The states that have extremely sophisticated cyber capabilities include the US, Russia, China, Israel, France and Germany.
Tier 1, 2 and 3 Threats
The National Security Council, set up by Mr Cameron in May, has published an updated approach to national security which identifies 16 threats to the UK divided into tiers:
The most serious threats comprise acts of international terrorism, hostile computer attacks on UK cyberspace, a major accident or natural hazard such as a flu pandemic, or an international military crisis between states drawing in the UK and its allies. Foreign Secretary William Hague said the national security strategy has specified, for the first time, the threats that the UK "most had to prepare for". "This country needs an increased capability to protect ourselves, not only against cyber attacks on the government but on businesses and on individuals," he said. "Such attacks can, in the future, become a major threat to our economic operations in the country and to our economic welfare but also to national infrastructure, such as electricity grids and so on. We have to make sure we are protecting ourselves and that is why there is GBP 500m of additional funding coming for that area." This is designed to combat concerns that terrorist groups might be able to hack into critical infrastructure such as air traffic control networks and other cases of "cyber espionage" where rogue groups or even foreign states seek to break into computer systems to obtain top secret information.
Scenarios include an attack on the UK using weapons of mass destruction, a civil war in a region of the world which terrorists could exploit to threaten the UK or a significant rise in organised crime.
Scenarios include a conventional large-scale attack on the UK, alongside disruption to oil and gas supplies, a serious accident at a nuclear power station, an attack on a NATO ally and interruptions to food supplies.
The National Security Strategy (NSS) should be viewed as a backdrop to the announcement of the Strategic Defence and Security Review (SDSR). The NSS concludes that the risk picture is becoming increasingly diverse and Britain now faces a multitude of threats. Imagine that instead of the Icelandic volcano eruption, which paralysed air traffic across Europe for more than a week with massive economic consequences, we end up with a more debilitating cyber attack. Or a competitor nation state seeks to engage in military action with a neigbhour and creates a diversion for Western allies by immobilising their digital national infrastructure.
The government needs to invest actively in cyber security and work with the world's best cyber security expert groups to limit the danger of Britain being attacked in an increasingly globalised and interconnected future. The government has to compete against the private sector to acquire highly skilled personnel. There aren't many highly skilled cyber security experts available. There are young cyber security geeks, experts employed by the national intelligence agencies and cyber security companies. These personnel will be at the sharp end of domain specific knowledge. However, one solution that fits all situations, may not necessarily work. It is for this reason that mi2g has developed its Queen's Award winning bespoke security architecture, according to domain specific needs.
The government may also seek to improve awareness and education so that individuals and companies are more conscious of the threats they face. Another critical area of spending could be on enhancing partnerships with the private sector and friendly countries to link up diverse knowledge pools and strategic capabilities. The priorities should be the protection of critical infrastructure, economic lynchpins, enhancement of cyber security defence architecture, network operating centres and the expansion of technical skill sets and requisite capabilities.
The radical redrawing of defence priorities, set out in the UK's new National Security Strategy (NSS), makes it easier to scrap some of the outdated and inefficient Cold War defence equipment including warships, fighter jets and tanks. Investing in human capital and knowledge to keep the UK safe and economically competitive despite asymmetric attacks is now becoming increasingly critical. The potential for compromise and the crippling of critical national infrastructure, including economic hubs, ought to be identified and defended robustly.
We welcome your thoughts, observations and views. To reflect further on this subject and others, please respond within Twitter, Facebook and LinkedIn's ATCA Open and related discussion platform of HQR. Should you wish to connect directly with real time Twitter feeds, please click as appropriate:
. ATCA Open
. mi2g Intelligence Unit
. Open HQR
. DK Matai