The United Kingdom and the United States will carry out simulated cyber attacks on each other as part of a war games initiative designed to bolster national cyber defences against computer hackers and other internet criminals.
Prime Minister David Cameron revealed the cyber war games initiative during his visit to Washington DC, where he’s having talks on cyber security with President Barack Obama.
Other issues on the agenda include privacy and encrypted messaging, with Cameron keen to clamp down on internet communications which the government can’t read, a move that has been roundly criticised by experts as unworkable and by privacy groups as an attack on freedoms.
“Regular consumers and businesses will be put at risk if secure messaging systems are backdoored – as whenever a weakness is put in a system it could be exploited by bad guys as well as law enforcement,” security expert Graham Cluley wrote on his blog.
The “unprecedented” cyber war exercise will begin later this year with “cyber cells” performing staged attacks on Wall Street and the City of London, Downing Street has confirmed. The programme will be carried out jointly by GCHQ, MI5 and the FBI.
“Cyber attack is one of the biggest modern threats that we face. Eight out of 10 large companies in Britain have had some sort of cyber attack against them,” Cameron told the BBC’s Today programme, adding that it’s in the interests of both countries to cooperate.
“Britain and America working together – we have got hugely capable security defences and the expertise – and that is why we should combine and set up cyber cells on both sides of the Atlantic to share information, not only to work out how we best protect ourselves but create a system where hostile states and hostile organisations know they should not try to attack us,” he said.
The Prime Minister was accompanied on his trip to the US by representatives of a number of British web security firms, who have welcomed proposals for the UK and the US to work closer together on fighting cyber crime.
“Greater collaboration between the UK and US is crucial to successfully detecting and combating cyber threat. We need solutions that help create greater communication across all borders; between countries, industries and organisations,” said Stuart Murdoch, CEO of secure collaboration tools provider Surevine.
“The Cyber-Security Information Sharing Partnership (CISP) platform is one example of such collaboration, helping companies form a united front against hackers, and share information securely about the nature of cyber attacks,” he added.
Robert Norris, director enterprise and cyber security for Fujitsu UK and Ireland, also welcomed additional collaboration on cyber security and cyber crime between the UK and US.
“With the constantly shifting threat landscape it is imperative now for organisations to be able to respond to threats quickly and effectively,” he said.
“The collaboration between the US and UK will bring together companies at the forefront of the cyber security industry to share knowledge, skills and technologies which will help to address these growing threats and strengthen the defences already in place,” Norris continued.
“It has never been more important for organisations to develop a robust security policy and this new initiative with the US clearly demonstrates that the UK has some of the world’s best cyber security capabilities in the world,” he added.
However, not everyone is happy with President Obama’s proposed new plans for IT security, with some worried it could move further towards creating a “cyber police state”.
“Obama proposes upgrading hacking to a ‘racketeering’ offence, which means you can be guilty of being a hacker by simply acting like a hacker, without otherwise committing a specific crime,” said Robert Graham, CEO at Errata Security.
There are also those who remain highly suspicious of what exactly nation states are monitoring on the web, especially given the extent of the ongoing NSA surveillance revelations leaked by Edward Snowden.