The Defence Secretary has announced that Britain will build a dedicated capability to counter-attack in cyberspace and, if necessary, to strike in cyberspace.
As part of the MoD’s full-spectrum military capability, Philip Hammond MP has announced that the department is set to recruit hundreds of computer experts as cyber reservists in order to help defend the UK’s national security, working at the cutting-edge of the nation’s cyber defences.
Hammond confirmed the creation of a new Joint Cyber Reserve which will see reservists working alongside regular forces to protect critical computer networks and safeguard vital data.
“In response to the growing cyber threat,” said Hammond, “we are developing a full-spectrum military cyber capability, including a strike capability, to enhance the UK’s range of military capabilities. Increasingly, our defence budget is being invested in high-end capabilities such as cyber and intelligence and surveillance assets to ensure we can keep the country safe.”
He added: “The Cyber Reserves will be an essential part of ensuring we defend our national security in cyberspace. This is an exciting opportunity for Internet experts in industry to put their skills to good use for the nation, protecting our vital computer systems and capabilities.”
Creating the Cyber Reserve
Creation of the Joint Cyber Reserve will represent a significant increase in the number of reservists employed in cyber and information assurance.
Members of the Joint Cyber Reserve will provide support to the Joint Cyber Unit (Corsham), the Joint Cyber Unit (Cheltenham) and other information assurance units across defence.
Recruiting for the Joint Cyber Reserve will begin next month and target three sectors: regular personnel leaving the Armed Forces, current and former reservists with the necessary skills, and individuals with no previous military experience but with the technical knowledge, skills, experience and aptitude to work in this highly-specialised area.
All personnel applying to join will be subject to a security clearance process.
Response from the security sector
Speaking about this Government move, Peter Armstrong (director of cyber security at Thales UK) commented: “By re-skilling its existing force in cyber security, the Ministry of Defence has addressed the blurring of the lines between physical and virtual defence which has become prevalent over the past decade. With the advent of cyber espionage and attacks which threaten CNI, the need for an holistic approach to national security is long overdue. It’s great to see the Ministry of Defence taking its share of responsibility for this alongside its traditional physical defence remit.”
Armstrong also explained: “In addition, and just as importantly, this move will help enormously in positioning public sector cyber security as an attractive career prospect for the next generation.”
Graeme Stewart, director of UK public sector strategy at McAfee, said: “This latest development shows that Government is taking the necessary steps to protect the UK against a very real cyber threat that’s now on par with physical threats. With greater connectivity comes a far greater risk of cyber attacks on the very foundations of the UK’s infrastructure. In the case of the country’s energy supply, for example – and the UK’s apparent intention to rely on a single, centralised smart grid – a single attack could affect the entire country and, as a worst-case scenario, leave the UK without power.”
Stewart continued: “Our priority should be to ensure that the networks and devices securing our critical infrastructure are totally secure, which not only requires physical security but also a complete shift in the mindset of UK organisations. The top level attention to cyber security has to be adopted throughout organisations and individuals as a joint responsibility. Government and citizens need to work together to move from a ‘digital-by-default’ to ‘security-by-default’ scenario, ensuring that the basic knowledge needed to protect against the ever-growing threat is ingrained in our national consciousness.”
Neil Thacker, the information security and strategy officer (EMEA) at Websense, commented: “In light of the House of Commons Defence Select Committee highlighting weaknesses in the MoD’s cyber incident response strategy, as well as the news in July that the UK is losing the fight against cybercrime, this is welcome and timely news to offer additional resources to aid cyber defence.”
Thacker went on to state: “Highly sophisticated, targeted attacks are occurring every day and are focused on both small and large organisations, with UK businesses being named by cyber crime organisations as their Number One target. Like the Government, UK businesses cannot take their eyes off the ball and need to put in place the right defences to protect their employees and the organisation’s critical data.”
Continuing the theme, Thacker explained: “It’s more crucial than ever that UK businesses place data security higher up the agenda and spend IT security budgets on the right and relevant technology. Proactive defences against targeted attacks and new variants of malware are key. Adding the ability to detect, contain and mitigate against the attacks is a responsibility of the IT and security teams by applying real-time malware analysis while simultaneously protecting against internal and external breaches and data theft. Detection only is not sufficient to counter this threat.”
Finding enough experts to build an effective force
Ruby Khaira (regional manager for the UK, Northern Europe and India at FireMon) said: “The new cyber defence force being announced by the MoD and Philip Hammond is an important step forward in protecting the UK’s computer networks from cyber attacks. The UK already has good protection in place, but cybercrime is a continuously growing threat and to build on existing defences is both necessary and logical.”
Khaira continued: “As I see it, the real issue here is being able to find enough computer experts to build an effective force. With a distinct shortage of security personnel within the private sector, this could be a very real problem. Therefore, the MoD will likely need to have a robust training plan in place to instruct those they hire for the cyber defence force, and will then need to offer a good enough package to keep those security professionals from moving to the private sector.”
Khaira also stressed: “Along with finding and retaining talent, it’s important that the new cyber defence force can effectively monitor and proactively identify areas of risk, which requires implementing security technologies that can automatically identify security gaps and prioritise remediation according to the level of risk to critical assets.”
David Emm, the senior security researcher at Kaspersky Lab, has also offered his views on the Government’s latest move.
“The British Government has for some time been indicating that it is keen to ramp up the overall defence posture of British companies in order to reduce the risk of attacks thereon,” said Emm. “This is something which Eugene Kaspersky has long been calling on all Governments to do, but it now seems that the Government is saying it considers ‘offence to be the best form of defence’.”
Emm then stated: “While it’s understandable that Governments might want to adopt such a position, doing so introduces a very real possibility of a cyber arms race and, accordingly, increased risks to Internet-based systems everywhere. After all, if one Government decides to openly engage in cyber offence, others will be sure to follow suit. Any cyber offence escalation would increase the risk of the technologies involved ending up in the wrong hands, possibly to be manipulated for malevolent ends. Unlike traditional weapons, tools used in cyber warfare are very easy to clone and reprogram by adversaries or other threat actors such that they can be used in sustained strikes.”
On that basis, Emm said: “It’s imperative for countries to understand the possible consequences – the specific dangers and potential damage – of cyber war before developing offensive cyber weapons. The only effective way to counter this trend is for Governments to work together towards the establishment of a cyber arms limitation agreement that prevents the continued escalation of cyberattacks.”