tashka2000 - Fotolia

Philip Hammond goes on the attack to target cyber threat to UK economy

Speaking at the Microsoft Future Decoded event in London, the Chancellor revealed how Britain would take an offensive stance to protect infrastructure

Chancellor of the Exchequer Philip Hammond has stressed the UK’s determination to tackle the cyber threat.

In his keynote presentation at Microsoft’s Future Decoded conference in London, Hammond said: “I believe there is a once-in-a-generation opportunity for the UK to cement our role as a leader in digital tech innovation and to future-proof the economy of post-Brexit Britain.”

The UK is strongly placed to be at cutting edge of digital revolution, he said. “If we want Britain to be the best place in the world to be a tech business, it is also crucial that Britain is also a safe place to do digital business.”

Hammond said the systems that run people’s daily lives, such as air traffic control, satellites, power grids and the domestic devices in people’s pockets, their homes or their cars, are all connected to the internet.

“Just as technology presents huge opportunities for our economy, so too it poses risks,” he said.

Speaking after the government’s re-announcement of £1.9bn of cyber security funding and the publication of the National cyber security strategy 2016 to 2021 report, Hammond said: “Trust in the internet and the infrastructure on which it relies is fundamental to our economic future. Without that trust, faith in the whole digital edifice will fall away. We need a secure cyber space, and we need to work together – business and government – to deliver it.”

Hammond said the government would strengthen the defences of government networks and critical national infrastructure. The UK would also take a more active approach to cyber security, supporting the industry’s use of automated defence techniques to block, disrupt and neutralise malicious activity before it reached the user, he said.

Read more about cyber security

“There are three core pillars to the strategy: defend, deter and develop, underpinned by £1.9bn of funding,” he said.

Hammond said the government would work with industry to reduce the impact of cyber attacks while driving up standards across the public and private sector.

“We will ensure the most sensitive networks and systems on which our government’s security depends are protected,” he said.

Turning to deterrence, Hammond added: “We will continue to invest in our offensive cyber capabilities because the ability to detect, trace and retaliate in kind is likely to be the best deterrent.”

On the development front, he announced a new security research institute comprising a virtual network of UK universities dedicated to researching how to secure smartphones, tablets and laptops.

Ian Levy, technical director at the National Cyber Security Centre, called for the IT industry to focus on systemic root-cause management instead of blaming the user. In his Future Decoded presentation, Levy referenced a paper published in the early 1970s describing the potential for buffer overflow errors, the most common way for attackers to compromise IT systems.

Such errors should have been fixed by now, said Levy, just as aircraft engineers working on early commercial planes determined that rectangular aircraft windows caused stress fractures and were systematically phased out.

“We blame the user for bad system design. That’s stupid,” he said, adding that cyber security should stop trying to force users to use increasingly complex passwords and start becoming more of a data-driven discipline.

Read more on Hackers and cybercrime prevention