To
effectively combat its cyber enemies, the UK needs to wage attacks
against its cyber aggressors, according to MPs on the Intelligence and
Security Committee (the "ISC"). In the European sphere, the European
Commission launches consultation on cyber security.
MPs on the Intelligence and Security Committee ("ISC") have called on the UK to actively engage in "defensive" or "pre-emptive" cyber attacks because they believe that the UK's cyber defence programme alone is too weak to endure attacks. This strategy is in line with comments recently made by the head of the Central Intelligence Agency, and reflects the strategy that America has all but admitted in relation to the recent Flame and Stuxnet attacks on Iran's nuclear and energy infrastructure.
At the same time, the European Commission has launched a consultation on cyber security, seeking the views of governments, businesses and citizens to assess possible responses to cyber incidents causing major internet disruptions. The Commission has launched the consultation to help it prepare a legislative proposal on security, ahead of its upcoming EU strategy on cyber security. You can read the consultation here.
So what? Following the announcement of the National Cyber Security Programme in 2010 to transform the UK's cyber skills and capabilities by 2015, which received a mid-recession budget of £650m, the focus has been on developing the UK's capabilities in defending against such attacks. Although the defence strategy remains a priority for the UK, MPs on the ISC acknowledge that:
"cyber security is a fast-paced field and delays in developing its capabilities give the enemies the advantage".
Thus, the resilience of the UK's defence capabilities is weakened by ever-changing techniques employed by cyber attackers. Therefore, MPs believe that military and intelligence agencies should be allowed to go on the offensive in the cyber war.
Interfering with the systems of those trying to attack UK networks, hacking into enemies' networks and systems or destroying enemy data without being detected are examples of "active defence" measures that the ISC would support.
It is interesting to note the change in terminology of late. There is an ever-increasing use of military language of defence and attack, security, battle lines, etc. These are emotive words, which position cyber attacks as part of a "war" thereby seeking to justify ever-increasing use of cyber capabilities, whether to defend or attack.
Cyber warfare attacks are considered to be the fasting growing threat against national security. It would seem that the heightened risk to national security has exposed the limitations in the UK's defence capabilities to counteract cyber attacks. The offensive play (or at least the admission of such a play) is relatively new, and reveals the priority that Government is giving to this area.
MPs on the Intelligence and Security Committee ("ISC") have called on the UK to actively engage in "defensive" or "pre-emptive" cyber attacks because they believe that the UK's cyber defence programme alone is too weak to endure attacks. This strategy is in line with comments recently made by the head of the Central Intelligence Agency, and reflects the strategy that America has all but admitted in relation to the recent Flame and Stuxnet attacks on Iran's nuclear and energy infrastructure.
At the same time, the European Commission has launched a consultation on cyber security, seeking the views of governments, businesses and citizens to assess possible responses to cyber incidents causing major internet disruptions. The Commission has launched the consultation to help it prepare a legislative proposal on security, ahead of its upcoming EU strategy on cyber security. You can read the consultation here.
So what? Following the announcement of the National Cyber Security Programme in 2010 to transform the UK's cyber skills and capabilities by 2015, which received a mid-recession budget of £650m, the focus has been on developing the UK's capabilities in defending against such attacks. Although the defence strategy remains a priority for the UK, MPs on the ISC acknowledge that:
"cyber security is a fast-paced field and delays in developing its capabilities give the enemies the advantage".
Thus, the resilience of the UK's defence capabilities is weakened by ever-changing techniques employed by cyber attackers. Therefore, MPs believe that military and intelligence agencies should be allowed to go on the offensive in the cyber war.
Interfering with the systems of those trying to attack UK networks, hacking into enemies' networks and systems or destroying enemy data without being detected are examples of "active defence" measures that the ISC would support.
It is interesting to note the change in terminology of late. There is an ever-increasing use of military language of defence and attack, security, battle lines, etc. These are emotive words, which position cyber attacks as part of a "war" thereby seeking to justify ever-increasing use of cyber capabilities, whether to defend or attack.
Cyber warfare attacks are considered to be the fasting growing threat against national security. It would seem that the heightened risk to national security has exposed the limitations in the UK's defence capabilities to counteract cyber attacks. The offensive play (or at least the admission of such a play) is relatively new, and reveals the priority that Government is giving to this area.