Simply put, you can't change a company without changing its management - Andy Grove - Only the Paranoid Survive
A REPORT has warned that the UK government is holding back the country's ability to hold its own in a cyber attack.
The report from the Defence Select Committee worries that institutions like the army will be left standing in their virtual underwear if they are attacked because of the government's slow pace and lack of effort.
This, it warns, is in the face of a threat that "has the capacity to evolve with almost unimaginable speed and with serious consequences for the nation's security".
"There is a consensus that cyberspace is a complex and rapidly changing environment. It was therefore important for us to consider the implications for UK defence and security. It is our view that cyber security is a sufficiently urgent, significant and complex activity to warrant increased ministerial attention," said the chair of the committee, James Arbuthnot MP.
"The government needs to put in place - as it has not yet done - mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents."
The committee and its report say that as far as it can see there is little being done in government to shore up systems and prepare them against external assaults. They ask the government whether this is the case, and urge it to prove otherwise if it is not.
"We have asked the government to set out details of the contingency plans it has in place should such an attack occur," added Arbuthnot. "If it has none, it should say so - and urgently create some."
UK systems and institutions face a number of challenges, including the threat of hacktivist protest groups like Anonymous, according to the report.
"Threats to security and information in the cyber domain include state-sponsored attacks, ideological and political extremism, serious organised crime, lower-level/individual crime, cyber protest, cyber espionage and cyber terrorism," it says in its threats section.
"In times of conflict, vulnerabilities in cyberspace could be exploited by an enemy to reduce our military's technological advantage, or to reach past it to attack our critical infrastructure at home."
In a statement, the UK Ministry of Defence (MoD) said that actually the UK is very well prepared and has a range of contingency plans in place.
"The UK Armed Forces and the equipment and assets they use are amongst the world's most modern and advanced, so of course information technology plays a vital role in their operation," said defence minister Andrew Murrison.
"Far from being complacent, the MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail. The level of government funding to tackle this threat underlines the importance we attach to these issues."
One expert, David Harley, a senior research fellow at internet security firm ESET, said that while there are undoubtedly challenges in the area, they will not have been overlooked by anyone who is involved.
"It's not new news that modern military forces are highly reliant on information technology, or that attackers might look for ways in which to subvert that technology. New technologies always inspire new counter-technologies and evasive strategies; 'Electronic Pearl Harbours' constantly recur in political commentary," said Harley, as he suggested that people who are more informed than members of parliament should be commenting.
"No military strategist or tactician in the 21st century is going to assume that technology is unbreakable, and codifying rules of engagement is an important task at national and international level. However, it's just one part of a very complex problem, and the organisation's IT security strategy should be based on expert opinion from within the military and security services, not just the opinions of MPs." µ
Sign up for INQbot – a weekly roundup of the best from the INQ