Feeds

UK.gov: 'Foreign cyber reconnaissance' underway in UK

Eyes on tentacles peer from network pipes around YOU

The essential guide to IT transformation

Foreign states may already have used malware to map the networks that support the UK's critical infrastructure systems, the government admitted.

The admission by government officials came in the run-up to a parliamentary statement by Cabinet Office minister, Francis Maude, marking the first anniversary of the UK's government's National Cyber Security Strategy.

Maude highlighted future work on a new UK National Computer Emergency Response team, further work on education and skills, Cyber Reservists for the MoD and a partnership with the private sector to boost the cyber security sector in the UK. He pointed out that the private sector is the largest economic victim of crime-crime, such as IP theft, and from economic espionage perpetrated through cyberspace, as well as highlighting efforts to improvement the protection of the UK's critical infrastructure in a written statement to parliament on Monday (3 December).

"We have invested in new and unique capabilities for GCHQ to identify and analyse hostile cyber attacks in order to protect our core networks and services and support the UK’s wider cyber security mission," Maude said. "I cannot reveal details of this work, but it has broadened and deepened our understanding of the threat, helping us prioritise and direct defensive efforts."

"The Security Service has developed and enhanced its cyber structures, focusing on investigating cyber threats from hostile foreign intelligence agencies and terrorists, and working with UK victims. This informs the work of the Centre for the Protection of National Infrastructure (CPNI) which is helping organisations to improve their cyber security measures."

"CPNI is actively influencing standards, researching vulnerabilities and focusing on the key technologies and systems of cyber infrastructure. As part of this work it has commissioned a major research programme from the University of Oxford with the aim of delivering advice, guidance and products to help reduce the risk of cyber attacks mounted or facilitated with the help of company insiders."

Maude praised efforts to secure systems during the Olympics as well as looking ahead to a new Cyber Incident Response scheme, recently launched by CESG and CPNI in pilot form, will move to become fully operational in 2013. Next year will also see the merger of cyber-policing units at Scotland Yard and SOCA to form the new National Cyber Crime Unit of the new National Crime Agency.

The cyber security strategy was launched on 25 November 2011 as a means to co-ordinate government and private sector efforts in the fight against cyber-espionage, malware and other internet security threats.

The government budgeted £650m to bolster the nation's cyber-defences as part of the 2010 strategic defence review. GCHQ was given the lead role and the lion's share of the budget. Only £30m was earmarked for law enforcement.

Government ministers and officials argue that the threats is growing and facilities that power utilities, banking and other vital services are at the front line of attack. The threats come in the form of attacks designed to steal intellectual property and trade secrets as well as more general cybercrime and probes against the networks of utilities and others.

Officials will not be drawn on who is responsible for reconnaissance-style attacks on UK infrastructure systems, beyond saying that the threat came from abroad.

"We understand that there is a threat from hostile foreign states and others to attack it," a senior official said, The Guardian reports.

"It would be absolutely in keeping with that – we have seen attempts by hostile foreign states through cyberspace as well."

"There are attacks against critical national infrastructure and I am not going to say whether they were or weren't successful," the official added.

US officials have warned about attacks on that country's national infrastructure but unlike their UK counterparts they have been far less reticent about apportioning blame, singling out China and Russia for criticism.

Chris McIntosh, chief exec at encryption firm ViaSat, commented that news that cyber-attacks are increasingly targeting critical infrastructure ought to come as little surprise.

"While previously national energy or resource infrastructure was relatively safe from these attacks, the modernisation of these networks has meant they are closely connected to the internet and so more vulnerable than ever. While at one level the threat to infrastructure could involve the targeting of individual sections of the network and deny certain services at specific areas, at the extreme level these attacks could potentially be used to overload systems or override safety mechanisms, causing catastrophic damage to the surrounding area and the infrastructure as a whole." ®

Next gen security for virtualised datacentres

More from The Register

next story
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Linux kernel devs made to finger their dongles before contributing code
Two-factor auth enabled for Kernel.org repositories
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.