GCHQ chief reports 'disturbing' cyber-attacks on UK

 
Cyber security analyst in the US The UK says cyber crime is as serious a threat as international terrorism

Cyber attacks on the UK are at "disturbing" levels, according to the director of Britain's biggest intelligence agency.

Government computers, along with defence, technology and engineering firms' designs have been targeted, Iain Lobban, the head of GCHQ, has said.

China and Russia are thought to be among the worst culprits involved in cyber attacks.

On Tuesday, the government hosts a two-day conference on the issue.

Foreign Secretary William Hague convened the London Conference on Cyberspace after criticism that ministers are failing to take the threat from cyberwarfare seriously enough.

It aims to bring together political leaders, such as US Secretary of State Hillary Clinton and EU digital supremo Neelie Kroes, with leading cybersecurity experts and technology entrepreneurs such as Wikipedia founder Jimmy Wales and Cisco vice-president Brad Boston.

Analysis

The threats from cyberspace are growing increasingly complex and sophisticated.

They range from cybercriminals seeking to steal credit cards to groups of hackers seeking to cause trouble. Equally, it can involve states seeking to steal secrets or even carry out attacks, as happened on Iran's nuclear programme with the Stuxnet virus.

The overlap between these groups - with states sometimes subcontracting work out to criminal networks - only increases the problems of working out who is behind any attack.

Governments have been struggling to keep pace with what is taking place and London is playing host to a major conference on the subject starting Tuesday with delegates invited from around the world.

Part of the aim of the meeting is to seek ways of making cyberspace more secure.

Mr Hague believes a "global co-ordinated response" is required to forge policy on cyber development.

Baroness Pauline Neville Jones, the prime minister's special representative to business on cybersecurity, said Russia and China were some of the worst culprits involved in cyber-attacks.

"It's damaging in the end to try and play both sides," she said.

"If you are a company that comes from a country like China you can suffer if in the end people believe it's threatening to employ your products."

Writing in the Times, Mr Lobban said: "The volume of e-crime and attacks on government and industry systems continues to be disturbing".

"I can attest to attempts to steal British ideas and designs - in the IT, technology, defence, engineering and energy sectors, as well as other industries - to gain commercial advantage or to profit from secret knowledge of contractual arrangements.

"Such intellectual property theft doesn't just cost the companies concerned; it represents an attack on the UK's continued economic wellbeing."

Mr Lobban added that government online taxation and benefits services could be targeted in future, and said a black economy had already developed which saw UK citizens' credit card details offered for sale.

'Rich pickings'

The Ministry of Defence foiled more than 1,000 cyber-attacks in the last year from criminals and foreign intelligence services.

The Foreign Secretary William Hague revealed in February that computers belonging to the government had been infected with the "Zeus" computer virus, after users opened an e-mail purporting to come from the White House and followed a link.

He said cyberspace was providing "rich pickings", with UK defence contractors also being targeted.

In January, three Foreign Office staff were sent an e-mail apparently from another colleague in the Foreign Office.

In fact, Mr Hague said, the e-mail was "from a hostile state intelligence agency" and contained "code embedded in the attached document that would have attacked their machine."

'Unacceptably' high risk

But the government has been criticised for failing to take a strong lead in protecting critical systems such as power and water from cyberattack.

The vast majority of critical infrastructure in the UK is privately owned.

A leading think tank, Chatham House, has said there is a reluctance by government to share information with the private companies that might be targeted.

It also criticised those same companies for putting up with an "unacceptably high level of risk".

Professor Peter Somer - a cybersecurity expert at the London School of Economics - said it may be necessary to force major infrastructure companies to invest in protecting themselves against cyber attack.

"We may need to get to the point where we say .... you have to have a licence and a condition of the licence is going to be having adequate protection and having contingency plans. They are not going to like it."

The government says it ranks cybersecurity as a top priority.

Last year it announced £650m of additional funding to help tackle computer-based threats.

Around £130m, or 20%, is specifically earmarked for critical infrastructure projects.

 

More on This Story

The BBC is not responsible for the content of external Internet sites

Comments

This entry is now closed for comments

Jump to comments pagination
 
  • rate this
    +6

    Comment number 199.

    We have long been too reliant and in many cases wholly dependable on IT based communications and transactions in almost every workplace. This begs the serious question of contingency plans if systems crash beyond retrieval. I'm not a doom-monger but the effects of a large-scale cyber attack would be horrendous. And thats not hype.

  • rate this
    +1

    Comment number 182.

    It has taken a long time to recognise just the seriousness of this threat. It first became obvious when hacking developed. And yet there are still those who cannot see the huge potential of this global weopon. None so blind as will not see.

  • rate this
    +36

    Comment number 81.

    We're damned whatever we do. Either we have 'secure' networks connected to the internet...and therefore subject to cyber attack; or we isolate them from the internet so that the only way in or out is to physically connect a flash drive, CD or laptop...which some minister or civil servant then leaves on the Circle Line. :(

  • rate this
    -38

    Comment number 78.

    Yet another story about something that didn't happen? a "significant" unsuccessful internet-based attack".

    Reminds me of the Y2K bug and governments ability to waste more money - spend it on keeping tabs on security people who leave their laptops on the train for anyone to access!

  • rate this
    +14

    Comment number 73.

    Cyber attacks are one of the major threats to sovereign countries and their economies . We have long known many of these attacks originate in the far east and its about time we named and shamed governments . These attacks are the result of criminals robbing , or of mischevious individuals but concerted attacks to obtain sensitive data and information for political and economic gain .

 

Comments 5 of 13

 

More UK stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.