The government has announced plans to develop the
capacity to search and destroy enemies in cyberspace as part of a
national security strategy.
It plans to recruit "clever young people" with an interest in
cybersecurity to form a cadre of "white hat hackers". Their role
would be to detect, repair and prevent cyberattacks on British
national and commercial interests worldwide from national states,
terrorists and criminals.
"The government can no longer stand by and suffer cyberattacks
(such as infiltration via hacking and denials of service) without
hitting back," Robert Hannigan, the prime minister's security
advisor, said. "The idea is to provide a safety net for Digital
Britain so that the internet is safe, secure and resilient."
The move follows disclosures that overseas hackers are using
sophisticated trojans to steal sensitive data from government
departments and major UK businesses.
MI5 has warned businesses that Chinese and Russian hackers are
trying to steal state and commercial secrets through the
internet.
The government will set up two new bodies in September to manage
the national response to cyberthreats. A UK Office of Cyber
Security, located in the Cabinet Office, would handle policy-making
and international negotiations for new laws and prosecutions.
The UK Cyber Security Operations Centre (CSOC), located at GCHQ,
the government's electronic surveillance centre in Cheltenham,
would collate, assess and distribute threat information and
counterattacks.
The government will appoint a director to head the office, but
all the main government departments and agencies, as well as
representatives from business and the information security
industry, would sit in meetings.
The bodies included the Centre for the Protection of National
Infrastructure, the Ministry of Defence, the Serious Organised
Crime Agency (Soca), the Association of Chief Police Constables,
the Police Central e-Crime Unit (PCeU), banks, and
telecommunications companies, among others.
CSOC would collect operational information on attacks from
sources that include the US, Canada, Australia, New Zealand, France
and Germany, as well as its own computer early response teams
(CERTs) and industry-owned monitoring groups. It would share as
much of this data as possible with the public to educate them about
the threats and enable them to respond appropriately.
Reports from the US and Canada suggest that the intensity of
attacks has risen.
Government sources said the threat from "ideologically driven"
sources such as terrorists was currently low, said Hannigan, but
was a long-term issue that needed to be addresssed. In the past
three months, the Police Central e-crime Unit (PCeU) has helped
arrest two major gangs of fraudsters, and recent arrests by Soca
have often used computer-based evidence.
It was not clear at this stage whether the government would make
direct use of Europe-based cybersecurity initiatives such as Nato's
centre of excellence in Estonia or the pan-European CERT
network.