Coffee House

Britain is dangerously vulnerable to crippling cyber attacks

9 January 2013

Ill prepared, ill suited and irrelevant — that’s the conclusion a new report on Britain’s cyber defences. In a scathing analysis, the House of Commons Defence Committee’s demands the government take the cyber threat more seriously:

‘The Government needs to put in place — as it has not yet done — mechanisms, people, education, skills, thinking and policies which take it into both the opportunities, and the vulnerable, which cyber presents. It is time the government approached this subject with vigour.’

The constantly evolving threat from hackers has left the government struggling to stay one step ahead of hackers. Their last initiative — the Cyber Reservists — is less bringing in highly skilled experts and more a digital Dad’s Army. But what appears particularly concerning is the threat posed to our Army:

‘…the Armed Forces now so dependent on information and communications technology, should such systems suffer a sustained cyber attack, their ability to operate could be totally compromised.


When attacks have penetrated our defences at troop level, one would assume there would be plans to counter a serious attack on our critical national infrastructure. Again, the report suggests the government is lacking:

‘There is clearly still much work to be done on determining what type or extent of cyber attack would warrant a military response…we recommend the Government ensure that civil contingency plans identify the military resources that could be drawn upon in the event of a large-scale cyber attack’ 

The shadow defence minister Jim Murphy has jumped onboard to lambast the government, stating that ‘policy progress is falling behind the pace of the threat our armed forces face’ and urges the Ministry of Defence to ‘tackle vulnerabilities urgently’. More than just a preventative strategy is required, as  the report suggests, ‘it is not enough for the Armed Forces to do their best to prevent an effective attack’.

Simply, the MoD needs to put more muscle behind defending the nation online. Where and how can this be done? The first obvious area is leadership. The Defence Committee criticises the lack of single minister or department responsible for cyber defences, though Cabinet Office minister Francis Maude comes the closest. The threats are so frequent and of such veracity there is now the need for ‘increased ministerial attention’. The other area is funding. Increasing investment in cyber defences would allow the Ministry of Defence to woo more people from the private sector, develop the skills of staff and help them to respond better to the shapeshifting digital environment.

But the whole government, not just the MoD, has very little room to spare on budgets so where the money will come from? Cutting front line defences is not an option, so  the government is left with the unenviable task of reworking (already limited) budgets to fight new and complicated threats. If they fail, we’ll know soon enough.

More Spectator for less. Subscribe and receive 12 issues delivered for just £12, with full web and app access. Join us now.

  • Olaf

    There is nothing more dangerous than a manager (or MP) who thinks they know about ‘computers’. They’re more concerned with getting the latest kit (iPads as usual) then getting kit which is functional and secure.

    the government has little interest in doing thing securely because it makes life harder int he short term and stops them getting whatever they want when they snap their fingers. So we have Government organisations using insecure service like Dropbox and Google-Drive to store and transmit information, critical websites on Blogger, iphones and ipads not Blackberries. All because those at the top cannot tell the difference between what is suitable for home and what is suitable for Government.

    Similarly to employ the people needed to secure military communications will take a lot of money. These people are talented and in demand by Blue Chip tech companies like Google, Apple etc. Why would they take a poorly paid job in a dreary bureaucratic monster when they could work in the Google Dream factory and get more money and not pay the stupid rates of tax over here.

    The best thing a Government can do to secure the nation is back off and leave it to people who know what they are doing. Not some middle aged ex-spad who wants some shiny toys and has learned the latest words for buzz-word bingo.

    • telemachus

      No Olaf
      There needs to be political direction to all big IT projects
      Once direction is allowed to proceed with the profit motive we are all introuble

  • El_Sid

    The US is going on the offensive:
    Their latest budget request for cyber is $4bn in 2013.

    • TomTom

      Yes but Russia probably has more for less and China increasingly. The US will simply fund Israeli technology companies and continue to import Chinese-chips and systems with backdoors. The only reason the MPs are talking about this is because the NSA wants additional programmers at GCHQ and Menwith Hill if they are continuing to pay the bills – they have just opened a Menwith Hill inside the USA to monitor telephone/Internet traffic internally

      • the viceroy’s gin

        No, Russian avionics and systems engineering have remained well behind the West, so I wouldn’t look to them as vaulting forward here. Similar to the Chinese. When you see either marketing airliners, you’ll know conclusively that threshold has been passed. They will eventually, but it’ll be some time yet.

        But even that means they’ll be fighting yesterday’s war. Tomorrow’s war will involve a pure systems attack, as per the Sid’s link:

        Even small unit commanders go into combat equipped with laptops and
        video links. “We’re no longer just hurling mass and energy at our
        opponents in warfare,” says John Arquilla, professor of defense analysis
        at the Naval Postgraduate School. “Now we’re using information, and the
        more you have, the less of the older kind of weapons you need.”

        Maybe the US should scrap out their aircraft carriers and submarines, and save themselves the cash? Not today, but some of them, some day?

  • Tom Tom

    This is potty. In a country where Indian IT professionals are imported on Indian contracts and UK nationals are unemployed in their own country how can anyone seriously speak of National Cyber Security ? They even give contracts to Huawei !!! We now know Steganography permits data to be hidden in silences in Skype calls and so much of our infrastructure runs on low grade and outdated programs especially at banks like Lloyds TSB that basic systems crash regularly. Yet it is preerable to hire cheap Indian coolies and then spout on about National Security as if we actually had a “nation” to feel secure about as opposed to a “marketplace” more akin to a railway station

    • telemachus

      just what planet is anyone on to talk about Indian Coolies
      If these folk will work at rates we can afford would it not be nonsense to not employ them

      • Tom Tom

        So you no longer believe in Minimum wage in the Uk Tel-Boy ? You think we should employ Indians at Indian pay rates in the UK ? You are clearly a Conservative

        • telemachus

          I am more interested in your pejorative “coolies”
          Use that on a football pitch and you are banned for 8weeks

          • Tom Tom

            Run along little Troll……..I still prefer to see British IT staff employed rather than being outplaced by Indians paid Indian wages in Britain to undermine our capabilities… being a PC Troll don’t give a proverbial about British people so long as you can spout your drivel and have a good little sniffle. In the big playground you are an irrelevance…..go back to skipping

  • perdix

    What about the £650 million allocated by the government to “cyber” issues?

  • Noa

    The government’s procurement policy has for decades insisted on obtaining ‘best value for money’ when letting contracts. This has resulted in a mature civilian and military IT infrastructure largely developed and maintained by overseas companies, whilst the UK’s own competencies, entirely unprotected, have been eroded or sold to those same overseas competitors.

    The irony is that the concerns now being raised by the Defence Committee are largely the result of successful lobbying by those same overseas companies- and a UK Defence industry soliciting for work to replace reducing defence contracts.

    Of course there is a need to fix the most vulnerable systems, but the problems will recur until security issues are properly addressed at the development and productions stages.

    Funding should not be an issue, we should transfer some of the billions on foreign aid to protect our own infrastructure rather than massage ministerial egos.

    • Tom Tom
      • Span Ows

        link is corrupted, use this one:

        Imagine the consequences of the blue screen of death ‘out there’…Jeez.

        “Are you sure you wish to launch nuclear attack on Europe?” hackers dream…

        • Tom Tom

          Thanks Span Ows, it’s a fine thing when even URLs to MS get corrupted ! Then again when burglars steal only iPads from an MS Development Centre in Mountain View it is clear that s/ware drives hardware

    • telemachus

      It would be better if the Defence Committee dissolved itself and recommended that procurement monies be devoted to saving the lives of some of those starving as a result of slashing the welfare budget

      • smithersjones

        Why don’t Labour and the Unions lead by example and donate large lumps of their short money and the union training fund for that purpose?

    • smithersjones

      The Government’s procurement policy is in large part dictated by EU directives

      • Noa

        A key reason to vote ukip.

  • In2minds

    “The constantly evolving threat from hackers has left the government
    struggling to stay one step ahead of hackers”

    And yet all government ever does is build more and bigger databases.
    Remember it’s OUR data and NOT theirs they collect, usually without
    our agreement.

    • Noa

      Well yes, personal data should be maintained only with our consent.

      What is under consideration here is classified military and other infrastructure essential technical and commercial information.

      It is public property, which has to to be maintained and held securely.

    • telemachus

      We need the data to protect us from the terrorists and paedophiles in our midst
      Those who have done nothing wrong have nothing to fear
      What we actually need are stand alone security and delivery systems in our key industries

      • smithersjones

        Yeah and wasting an absolute fortune storing and trawling through a myriad of innocent data in the vain hope of finding a needle in a haystack which won’t be there because the real crooks will not go anywhere near. any sort of communications which government are monitoring is just another example of how bankrupt of intellect and dysfunctional our government is.

        It’s another disgraceful example of how bureaucrats control freakery outweighs good use of taxpayers money, the latest phallic symbol for those in government with deep persona insecurity issues (“just look how big my database is”)

        • dalai guevara

          The Shami Chakrabarti line of argumentation exactly in the top three posts – here on the Speccie! I am impressed.

          Now, if that does not smell of consensus, then what would?

Can't find your Web ID? Click here