The UK faces a greater risk of
"electronic
attack" than almost any other threat, according to a previously
secret government assessment released today.
The Cabinet Office's
National Risk Register ranks electronic attack on IT and
communication systems as the second greatest risk, just behind
attacks on the transport network.
The analysis examined a wide range of threats, including natural
disasters and industrial accidents, and ranked them according to
"relative likelihood" and "relative impact".
"There is a known risk to commercially valuable and confidential
information in some government and private sector systems from a
range of well-resourced and sophisticated attacks," said the
report.
"
Electronic attack may be used more widely by different groups
or individuals with various motives.
"IT systems in government departments and various organisations,
including elements of the national infrastructure, have been and
continue to be attacked to obtain the sensitive information they
hold. Some of the attacks are well planned and executed."
Referring to the threat of terrorism, the document also said the
UK remained at risk of attacks that "increasingly combine
traditional intelligence methods with new and sophisticated
technical attacks, for example by attempting to penetrate computer
networks through the internet".
According to the government, organisations can prepare for
electronic attacks by "avoiding reliance on a single technical
solution [for example, not relying solely on mobile phones for
critical communications] maintaining up-to-date contact details to
ensure non-standard communication methods can be employed and
focusing on identification and maintenance of critical users'
access to communications where possible".
Organisations are advised to "consider which IT systems are
needed to carry out critical activities, what information is needed
to carry out critical activities, how this information is stored
and how it is accessed, maintaining the same technology at
different locations that will not be affected by the same
disruption, and ensuring data is backed up and copies are kept
securely off site".