Feeds

Spooks want backdoor into your network

Mission creep mucho?

Security for virtualized datacentres

GCHQ, the UK's signal intelligence agency, may get an expanded role in preventing attacks against the networks of key private firms under new government plans.

The Communications-Electronics Security Group (CESG) at the UK's Government Communications Headquarters (GCHQ) has historically only provided best practice guidance and security product certification to the private sector, while taking a more active role in helping government departments defend their networks against cyber attacks.

Security chiefs are now pushing to get an expanded role in "monitoring unusual network traffic" and repelling cyber attacks at critical national infrastructure firms, the Daily Telegraph reports.

Under the plans, an expanded national cyber-security hub at GCHQ would monitor network traffic from "major communications, power and transport providers for evidence of hacking", a big expansion of the current role of the small team at the Cyber Security Operations Centre, which provides online intelligence about threats to national security.

The planned expansion comes against the backdrop of an increased volume of cyber-espionage attacks, such as the attacks in France in the run-up to the G20 conference in Paris and against oil and gas conglomerates, as well as the Stuxnet worm, which is blamed for disrupting the control systems and thereby sabotaging kit at Iranian nuclear processing plants.

The UK government recently named cyber attacks as a Category One threat in its recent Strategic Defence and Security Review, with the Cameron administration pledging £650m over the next four years to boost the UK's cyber-security efforts.

At the same time, resources for policing cyber-crime in the UK – which demonstrably poses a severe and growing economic threat – have been reduced to around £63m.

Government fears, in the UK and elsewhere, centre on concerns that hostile powers might cripple communication or banking systems or disrupt the delivery of utilities.

But many observers, most notably a recent OECD-sponsored study, have criticised such "cyber-war"-related fears as overblown.

The Daily Telegraph reports that the prime minister summoned blue chip firms including British Airways, BT and National Grid to Downing Street to discuss plans to expand GCHQ's role in cyber-defence. Firms such as BT, following its acquisition of security services firm Counterpane, and Symantec have a healthy and growing business selling security monitoring and response services for corporates.

BT, in particular, is likely to oppose any expanded role for GCHQ in the private sector. Security minister Baroness Neville-Jones said the government's critical infrastructure plan had not yet achieved "buy in" from some of the relevant corporations. "What we need is greater situational awareness," she said.

The UK plans are comparable to critical national infrastructure "Perfect Citizen" project conceived by the National Security Agency (NSA), GCHQ’s US counterpart, last year and opposed by critics as a move that would give the signals intelligence agency the ability to spy on private communications. The NSA firmly denied any such intention.

Baroness Neville-Jones offered similar assurances against concerns that GCHQ's plans would carry privacy drawbacks. "What this partnership will not do is start breaking boundaries that we have around privacy and personal data," she said. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.