GCHQ to help firms combat cybercrime

 

Francis Maude: "We're looking to develop hubs so knowledge can be brought together, enabling both private and public sector to protect themselves"

Related Stories

The government plans to share tactics and technology with businesses to combat cybercrime and protect the UK's growing internet economy.

Intelligence agency GCHQ will work more closely with firms and could share its technology commercially.

The government says internet business generates about 6% of the UK's GDP - more than agriculture or utilities.

Its Cyber Strategy also encourages courts to use powers to restrict computer use by cyber criminals.

Constant attacks by cyber criminals, activists, hackers and foreign states trying to steal official and commercial secrets mean cyber-attacks are now ranked on a par with international terrorism as a threat.

'World class expertise'

The government says there are more than 20,000 malicious emails sent to its networks each month, 1,000 of which are deliberately targeted.

Ministers have set aside £650m of new money to better protect key infrastructure and defence assets from "cyber warfare".

The strategy published on Friday says that about half of that money will go to the government's listening post - GCHQ - in Cheltenham to increase its ability to fight off cyber attacks.

ANALYSIS

The new cyber strategy makes clear that an effort is required from government, industry and the public working together.

The challenge will be co-ordinating that and driving the strategy through so that it actually delivers what it promises.

Even within government, the ministerial overlaps are complex with the Foreign Office, Ministry of Defence, Department for Business Innovation and Skills as well as the Cabinet Office and others involved.

Private businesses are sometimes nervous of sharing data about cyber attacks with others for fear of the impact on customers or the help it might give competitors.

And establishing where the balance of responsibility for security lies (and therefore the cost when things go wrong) between security companies, GCHQ, government departments, ISPs, businesses and individual internet users is no easy task.

Ministers say they are also looking at ways that GCHQ's "world class expertise" in the area might be used to help businesses - for example looking at whether encryption techniques and other expertise that is not considered top secret might have commercial applications.

The government also plans a new Defence Cyber Operations Group - which will include a unit at GCHQ which will develop "new tactics, techniques and plans to deliver military effects, including enhanced security, through operations in cyberspace".

Much of the strategy focuses on improving links with the private sector on the issue of cybercrime - with "hubs" to allow information to be shared on cyber threats and a pledge to look at new ways to bring together businesses, academics and government to exploit the latest innovations in tackling the threat.

The government says the internet is a growing part of the UK economy - predicted to create 365,000 jobs over the next five years. Cabinet Office Minister Francis Maude told the BBC the aim was to "make the UK one of the most secure places in the world to do business".

"The attitude at GCHQ, the willingness to collaborate with the private sector is very clear and evident ... we're looking for ways for GCHQ to collaborate with the private sector, looking at the commercial exploitation of some of their intellectual property and capability."

'Scareware'

Individuals will be given more help to protect themselves, amid a warning from GCHQ that 80% of successful attacks could be thwarted by following simple steps like updating anti-virus software regularly.

The strategy suggests "kitemarking" cybersecurity software to help consumers and businesses avoid "scareware" - software which purports to be helpful but is, in fact, malicious.

But the strategy also urges police, prosecutors and the courts to use existing powers to restrict and monitor computer use by convicted cyber criminals, who are considered likely to strike again online.

Cybersafety

Protecting your computer:

  • Install anti-virus and anti-spyware software, and turn on your firewall
  • Update your operating system
  • Use up-to-date applications, such as your web browser or word processing package
  • Encrypt your wireless network
  • Block spam emails

Staying safe online:

  • Use strong passwords
  • Do not give away too much personal information on blogs and social networking sites
  • Activate privacy settings on social networking sites
  • Do not open email attachments from people you don't know

Source: Get Safe Online campaign

The Ministry of Justice and Home Office will also consider whether orders restricting internet use can be enforced using "cyber tags", software which triggers automatic warnings to the police or probation service that a suspect is breaching an order.

And all police forces will be encouraged to follow the lead of the Metropolitan Police and train "cyber specials" with expert knowledge of cybercrime.

David Clemente, a cyber security expert at Chatham House, told the BBC the government's strategy was a "promising step" - but it would be a challenge to deliver the dozens of actions listed when government spending is so tight.

Earlier this month, Iain Lobban, the head of GCHQ, told a cyber security conference in London that a "significant" attempt was made to target the computer systems of the Foreign Office and other government departments over the summer.

Baroness Neville-Jones, the PM's special representative to business on cybersecurity, said Russia and China - who both attended the conference - were some of the worst culprits involved in cyber-attacks.

Foreign Secretary William Hague has said cyber-attacks could become a major threat to the country's economic welfare and its national infrastructure, such as electricity grids.

 

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

Comments

This entry is now closed for comments

Jump to comments pagination
 
  • rate this
    +9

    Comment number 7.

    The trouble for most consumers and businesses is that cybercrime is not taken at all seriously by local police. If you have ever tried reporting an online scam, card fraud, theft from an eBay account or general hacking, you are unlikely to find someone who understands the problems, let alone willing to investigate a complex multinational problem. For the criminals, it is almost risk free.

  • rate this
    +3

    Comment number 6.

    I spent a long career in an IT company. Whilst we thought the IT security rules they had were often overkill, the public sector in particular and public in general are at least 20 years behind when it comes to IT security and basic processes are poor (as the phone hacking episodes showed). Cyberthreats make the problem much more serious and threaten commerce as well as national security.

  • rate this
    +3

    Comment number 5.

    Surely this has to be a good thing. Cyber crime is constantly evolving, so its good to see the goverment taking serious steps to tackle it.

  • rate this
    -9

    Comment number 4.

    Fascism marches onwards.

  • rate this
    +4

    Comment number 3.

    To stop leaving laptops on the train and not dumping parliamentary papers in a park rubbish bin would be a move in the right direction. And where exactly is this "new money" coming from?

  • rate this
    +14

    Comment number 2.

    This coming hours after the Ministry of Defence reported that in the last 18 months it has lost 188 laptops, 99 desktop PCs, 18 mobile phones, 10 blackberries, 194 DVDs, 72 hard drives and 73 USB sticks.

    Good work chaps!

  • rate this
    0

    Comment number 1.

    £650m will probably be spent on an advisor. He will then tell ministers to stop leaving secrets on park penches. Well done guys, another winner.

 

Page 8 of 8

 

More Politics stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.