Government trains hackers for cyberspace ops

The government has announced plans to develop the capacity to search and destroy enemies in cyberspace as part of a national security strategy.

The government has announced plans to develop the capacity to search and destroy enemies in cyberspace as part of a national security strategy.

It plans to recruit "clever young people" with an interest in cybersecurity to form a cadre of "white hat hackers". Their role would be to detect, repair and prevent cyberattacks on British national and commercial interests worldwide from national states, terrorists and criminals.

"The government can no longer stand by and suffer cyberattacks (such as infiltration via hacking and denials of service) without hitting back," Robert Hannigan, the prime minister's security advisor, said. "The idea is to provide a safety net for Digital Britain so that the internet is safe, secure and resilient."

The move follows disclosures that overseas hackers are using sophisticated trojans to steal sensitive data from government departments and major UK businesses. MI5 has warned businesses that Chinese and Russian hackers are trying to steal state and commercial secrets through the internet.

The government will set up two new bodies in September to manage the national response to cyberthreats. A UK Office of Cyber Security, located in the Cabinet Office, would handle policy-making and international negotiations for new laws and prosecutions.

The UK Cyber Security Operations Centre (CSOC), located at GCHQ, the government's electronic surveillance centre in Cheltenham, would collate, assess and distribute threat information and counterattacks.

The government will appoint a director to head the office, but all the main government departments and agencies, as well as representatives from business and the information security industry, would sit in meetings.

The bodies included the Centre for the Protection of National Infrastructure, the Ministry of Defence, the Serious Organised Crime Agency (Soca), the Association of Chief Police Constables, the Police Central e-Crime Unit (PCeU), banks, and telecommunications companies, among others.

CSOC would collect operational information on attacks from sources that include the US, Canada, Australia, New Zealand, France and Germany, as well as its own computer early response teams (CERTs) and industry-owned monitoring groups. It would share as much of this data as possible with the public to educate them about the threats and enable them to respond appropriately.

Reports from the US and Canada suggest that the intensity of attacks has risen.

Government sources said the threat from "ideologically driven" sources such as terrorists was currently low, said Hannigan, but was a long-term issue that needed to be addresssed. In the past three months, the Police Central e-crime Unit (PCeU) has helped arrest two major gangs of fraudsters, and recent arrests by Soca have often used computer-based evidence.

It was not clear at this stage whether the government would make direct use of Europe-based cybersecurity initiatives such as Nato's centre of excellence in Estonia or the pan-European CERT network.

Read more on IT risk management