Feeds

Government plans cyberweapons programme

Cabinet Office and GCHQ lead on developing offensive cyber capability

Beginner's guide to SSL certificates

Whitehall officials have revealed that work has begun on a range of offensive cyberweapons to add to its defensive capability.

It is understood that the Cabinet Office and the Cyber Security Operations Centre at GCHQ have taken the lead on the issue, and that in time there will be some input from the Ministry of Defence.

The MoD recently appointed General Jonathan Shaw from the Parachute Regiment to head a defence cyber-operations group. He told the Guardian that cyberspace represented "conflict without borders".

The armed forces minister, Nick Harvey, told the Guardian that "action in cyberspace will form part of the future battlefield", and that he now regards cyberweapons as "an integral part of the country's armoury". It is the first official acknowledgment that such a programme exists.

"We need a toolbox of capabilities and that's what we are currently developing," he said. "The circumstances and manner in which we would use them are broadly analogous to what we would do in any other domain."

Harvey added: "Cyber is a new domain but the rules and norms, the logic and the standards that operate in any other domain ... translate across into cyberspace. "I don't think that the existence of a new domain will, in itself, make us any more offensive than we are in any other domain. The legal conventions within which we operate are quite mature and well established."

Last year's national security strategy made cybersecurity a tier one priority, and an extra £650m was found for it in the strategic defence and security review (SDSR). Harvey said that digital networks were now "at the heart of our transport, power and communications systems", and this reliance had "brought the capacity for warfare to cyberspace".

"The consequences of a well planned, well executed attack against our digital infrastructure could be catastrophic ... With nuclear or biological weapons, the technical threshold is high. With cyber the finger hovering over the button could be anyone from a state to a student."

Though Harvey did not specify where future threats might come from, he warned that "it would be foolish to assume the west can always dictate the pace and direction of cybertechnology".

He highlighted how China, for one, is developing "modern militaries and modern technologies".

The foreign secretary, William Hague, told a security conference in Munich in February that the Foreign Office had repelled a cyberattack a month earlier from "a hostile state intelligence agency". Sources told the Guardian at the time that the attack was believed to originate from Chinese intelligence agencies.

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

Beginner's guide to SSL certificates

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.