UK military reliance on technology could leave it fatally compromised by a sustained cyber attack, say members of the parliamentary defence select committee.
The committee claims there are worrying gaps in the Ministry of Defence's cyber strategy and has called for urgent ministerial intervention.
The defence select committee's report acknowledged that much has been done since the 2010 strategic defence and security review made cyber security a tier-one priority. The report praised the work of the MoD’s new top-secret Global Operations Security Control Centre.
But MPs say their inquiry highlighted worrying gaps in strategy and thinking. They said it was unclear to them who would be in charge if the UK came under sustained cyber attack.
"The evidence we received leaves us concerned that with the armed forces now so dependent on information and communications technology, should such systems suffer a sustained cyber-attack, their ability to operate could be fatally compromised," the defence select committee's report says.
Read more about cyber security
- Cyber security will change ideas of the nation state, says Stonesoft
- UK to launch public cyber security awareness campaign
- Israel launches cyber warfare training programme
- Half of companies lack cyber threat knowledge
- Top cyber threats underline need for security awareness
- Cyber security at US energy agency found wanting
- UK cyber protection should be more aggressive, say MPs
Although MPs said the Ministry of Defence (MoD) had done a lot to secure its own systems, they were concerned other organisations and suppliers who work with the military were vulnerable to cyber attacks. MPs expressed concern that enemies could find a backdoor route into the MoD.
The report coincides with the introduction of new US Defense Department policies designed to pre-empt software supply chain vulnerabilities.
The committee report concludes: "The government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities that cyber presents. It is time the government approached this subject with vigour."
The shadow defence secretary, Jim Murphy, said the report was worrying. The Guardian quoted him as saying: "Policy progress is falling behind the pace of the threat our armed forces face. Vulnerabilities must be tackled urgently and ministers must respond in detail to the demands in this report."
But the minister for international security strategy at the MoD, Andrew Murrison, denied there was any complacency on the issue.
“The MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail. Government funding to tackle this threat underlines the important we attach to these issues," he said.
The UK Cyber Security Strategy, published in 2011, identified criminals, terrorists, foreign intelligence services, foreign militaries and politically motivated hacktivists as potential enemies who might choose to attack vulnerabilities in UK cyber defences.