News

Cyber threats top national security concerns

Computer-initiated threats have rocketed up the government's list of threats to national security, according to reports ahead of the publication of a review of national security strategy on Monday.

In the previous review published in June 2009, cyber threats ranked below climate change, terrorism and failed states and the banking crisis.

According to reports, terrorism and cyber threats are now seen as the leading risks to national security.

"Cyber space is increasingly vital for our prosperity and our way of life," a special report on cyber security commissioned by the Brown government said in June last year. "But cyber space is also a domain in which hostile states, terrorists, and criminals can operate, putting the interests of businesses and citizens at risk."

It suggested computers were involved in identity theft, crime and disruption that cost the world economy more than £1 trillion a year.

Iain Lobban, the head of GCHQ, the UK's electronic spy organisation, said last week that more than 20,000 e-mails with malicious software were found on government networks each month, with more than 1,000 deliberately targeted them.

He said one nation had already tried to bring diplomatic or economic pressure to bear using cyber attacks, and GCHQ had seen theft of intellectual property related to commercial and national security on a massive scale.

Quoting MI5 director Jonathan Evans he said, "Cyber space lowers the bar for entry to the espionage game, both for states and for criminal actors."

Of more immediate concern is the emergence of malware such as the Stuxnet worm, described by German interior minister Thomas de Maizière as a "watershed in cyber security".

Stuxnet is widely believed to be designed by Israeli experts to attack the Windows-based control system supplied by Siemens for Iran's nuclear power plant.

Researchers say Stuxnet proves that it is possible for malware to take over the supervisory control and data acquisition (Scada) systems that provide the automation for critical national infrastructure such as the gas pipelines, nuclear power stations, communications, water and transport infrastructure.

Most Scada systems are separate from the internet. It is believed that Stuxnet requires infection via an infected USB stick. A USB stick was the source of infection of the worst breach of US military computers acknowledged so far.

The UK government has already gone on the offensive with a campaign to identify and hire suitable 'white hat' hackers and setting up the Cyber Security Operations Centre at GCHQ in Cheltenham to co-ordinate threat information and responses.

GCHQ was also lobbying hard for the £12bn Interception Modernisation Programme (IMP), a controversial project to record and retain every electronic communication that entered or transited UK networks. IMP's future may be settled by the Strategic Defence Review, which the government will publish on Tuesday.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy