News

UK takes cyber threats to infrastructure seriously

Warwick Ashford

The UK is taking seriously potential cyber threats to critical national infrastructure, such as the electrical power grid, according to Iain Lobban, director of UK intelligence agency GCHQ .

The issue was highlighted by a suspected cyber attack that officials were concerned would plunge the opening ceremony of the 2012 London Olympics into darkness.

CNI.jpg

The suspected attack turned out to be a false alarm, but GCHQ has seen technical reconnaissance of parts of the UK’s national infrastructure, Lobban told the BBC.

"Not to such an extent that we would raise a red flag, but certainly we've seen an interest – an intentional interest – in parts of that infrastructure,” he said.

As a growing number of utility services are connected to the internet, the potential for cyber attackers to gain control of those services is increasing.

The GCHQ head confirmed that the UK is working with its allies to investigate how compromises and penetrations might occur and how to guard against them.

The government has already launched two initiatives related to improving the security of critical infrastructure, and is set to launch the first national computer emergency response team later this year.

Earlier this month, the government launched the Defence Cyber Protection Partnership between the Ministry of Defence (MoD), defence firms and telecoms providers to increase supply chain security.

In March, the government launched the Cyber Security Information Sharing Partnership to help businesses and the government share information on cyber threats in real-time.

Industry insiders say there has also been a great deal of activity behind the scenes of government engaging with private sector organisations, especially telecommunications companies.

One of the biggest challenges to protecting critical national infrastructure is that about 80% of the organisations responsible for it in the UK are owned and run by the private sector.

A similar situation exits in the US, where President Barack Obama has sought to tackle problem with a long-awaited executive order that, among other things, requires the creation of a cyber security framework aimed at reducing risks to companies providing critical infrastructure.

The order requires federal agencies overseeing critical infrastructure to identify the operators most at risk and to explore whether the government can require those companies to adopt the framework.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy