UK cyber protection should be more aggressive, say MPs

The UK should declare cyber war on states and cyber criminals who target the country, say MPs

The UK should declare cyber war on states and criminals who target the country by using aggressive retaliatory strikes, says Parliament's Intelligence Security Committee (ISC).

The call comes in the ISC's annual report, which says too little is being done to protect UK cyberspace. The ISC report said security agencies should engage in covert cyber attacks on enemy states.

Last month, MI5 chief Jonathan Evans said the intelligence agency was fighting astonishing levels of cyber-attacks on UK government and industry, claiming that one London company lost £800m in revenue as a result of such an attack. 

The committee said it was concerned that much of the work to protect UK interests in cyberspace is still at an early stage.

The report said: “Twenty months into the National Cyber Security Programme, there appears to have been some progress on developing cyber capabilities.  

"However, cyber security is a fast-paced field and delays in developing our capabilities give our enemies the advantage.”

However, representatives of the IT security industry said the ISC's calls for active disruption of enemy networks may be a step too far.

While the ISC's comments highlight the extent of the current cyber threat, caution must be taken to prevent an unnecessary cyber war, said Paul Davis, director of Europe at security firm FireEye.

He cautioned against knee-jerk actions against supposed hackers and warned against long-term ramifications of picking fights with an invisible enemy.

“This is an incredibly sensitive time for security professionals – whether we are talking about government, private businesses or any other organisation handling confidential data or intelligence," said Davis.

Davis said a well thought-out strategy to ensure networks are constantly protected should be the top priority.

"In the first instance, organisations should investigate how their networks would withstand potential attacks and if it turns out that they are not up to scratch, the focus – both in terms of effort and funding – should be placed on plugging those gaps," said Davis.

A proactive analysis of existing security measures and an understanding of where vulnerabilities lie could stand organisations in better stead in the long run, Davis said.

Engaging in antagonistic pre-emptive cyber attacks are likely to incite more damaging and sophisticated attacks on the UK's cyber infrastructure, said Ross Brewer, managing director and vice-president of international markets at security and compliance firm LogRhythm.

He believes the move to an active defence system simply requires truly proactive protection of the UK's own networks, which means continuous, protective monitoring of every single event that occurs across networks to ensure that even the smallest intrusion or anomaly can be detected before it becomes a bigger problem for all.

The UK's cyber security depends on the ability to identify, isolate and remediate any potential cyber threats as they occur, said Brewer.

Having such an in-depth insight into IT networks also gives organisations the actionable intelligence to conduct effective forensic investigations into cyber attacks.

"Unfortunately, even once a cyber breach has been remediated and any potential damage minimised, there often remains an enormous amount of uncertainty and speculation surrounding the origins of the attack and attackers, which plays a large role in inciting further cyber aggression," said Brewer.

Further forensic analysis of the breach is often required to attribute cyber attacks accurately and avoid serious mistakes, he said.

Read more on Hackers and cybercrime prevention

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Unfortunately, as soon as you use a word like "fight" someone who hasn't really progressed since the infants' schoolyard is going to start chanting and inciting a war. And sometimes such people are MPs. Perhaps "combatting", being a longer word, is safer, and "anticipating", "preparation", "security" and "protection" even better.


The problem is you can NEVER be 100% sure where the on-line attack came from (there are hundreds of methods to cover your tracks), so if the MI5 was to wage Internet war on someone, they better double check their findings using more traditional espionage techniques, before making a hostile move against an entire nation. After reading this article, and the recent failure of the Pirate Bay ban I am now 100% sure the UK government has ZERO clue of how the Internet works and what to do with it. I'm not a rocket scientist, so I don't build rockets. Maybe that should be the motto for the MPs.


I honestly think defence is the way forward - a lot of companies don't invest as much into their I.T. as they should. Now how is the government going on the offensive (possibly after a bunch of poor souls who don't have a clue) going to help matters in any way - it's like playing with fire, they will rile up the attackers. I'm not just considering Nation States here if that is who the main target is but still, how would this help protect our infrastructure?

What we need is more education to a lot of developers who still seem to leave gaping holes in their applications (and I don't exclude government websites from this), education to the general public about how these attacks can happen and meanwhile the Government can carry on practicing developing their super secret snooping/disabling apps.