13.6 C
London
Tuesday, September 26, 2017
Home Tags Michael Fallon

Tag: Michael Fallon

Middle path between cheek-turning and all-out war Microsoft Decoded Britain will strike back against nations launching cyber attacks on the UK’s critical national infrastructure. Chancellor Philip Hammond promised retaliatory measures against state-sponsored hackers while unveiling an expanded $1.9bn, five-year national cyber security strategy. Crucially this isn’t new money - Hammond’s predecessor George Osborne had announced this in November 2015, during the last spending review. What was new was the pledge Britain would go on the offensive against attackers and not simply turn the other cheek.

The alternative, Hammond, warned was armed war. Also new was a sharper focus, announced by Hammond, around tactics and strategy around cyber security to protect the nation’s critical national infrastructure and business. In October defence secretary Sir Michael Fallon said Britain had used cyber warfare against ISIS as part of the bid to retake the Iraqi city of Mosul. “We will deter those who seek to steal from us, or harm our interests,” Hammond told Microsoft’s Future Decoded conference in London on Tuesday. “We will strengthen law enforcement to raise cost and reduce rewards,” he said of criminal attackers. He promised the UK would “continue to invest in cyber defense capabilities - the ability to trace and retaliate in kind is likely to be the best deterrent. “If we don’t have the ability to respond in cyberspace to attack that takes down power networks or air traffic control systems we would be left with the impossible choice of turning the other cheek or resorting to a military response - that’s a choice we don’t want to face.” “No doubt the precursor to any state-on-state conflict would be a campaign of escalating cyber attack. We will not only defend ourselves in cyberspace but will strike back in kind when attacked.” Moments before Hammond, who chairs the Cabinet’s cross-department cyber-security committee, had listed high-profile cyber attacks against other nation’s critical infrastructure. He didn’t name those responsible, but many attendees inferred the attacks were sponsored by Russia. He referenced the April 2015 takedown of French TV network TV5 initially blamed on ISIS but subsequently attributed to a group of hackers with links to the Kremlin.

A power blackout in the Ukraine following an attack on power utilities has also been blamed on Russia-based hackers. Moscow has backed separatists in the former Soviet republic seeking the reunification of the USSR. Hammond asked that suggestions as to who might be behind those attacks should be written on a postcard and posted to No. 11. Under the new cyber strategy, Hammond pledged a five-year plan to “work to reduce the impact of cyber attacks and to drive up security standards across public and private sectors.” This would involve ensuring government networks are secure and see UK government “taking a more active cyber defence approach” using tactics such as automatic protection to secure UK users “by default”. He pointed to the recent rollout of software to cut to zero an estimated 50,000 fraudulent emails a day from hackers purporting to be from HMRC offering tax refunds in order to obtain people's bank details. Hammond promised “increased investment” in the “next generation” of students and experts and talked up the formation of a virtual link-up between universities to secure laptops, tablets and smartphones. The Chancellor also laid responsibility for greater security at the feet of Britain’s chief executives. Having name-checked TV5 and the Ukraine, he referenced last year’s TalkTalk attack - which is almost certainly not the work of a nation state.

Altogether five suspects, all based in the UK, have so far been arrested in connection with the 2015 hack. That breach saw details of 156,959 customers sprung with TalkTalk fined a record £400,000 by the Information Commissioner. “CEOs and boards must recognise they have responsibility to manage cybersecurity,” Hammond said. “Similarly, technology companies must take responsibility for incorporating the best possible security measures into the technology of their products.

Getting this right will be crucial to keeping Britain at the forefront of digital security technology.” ®
And we'll attack you back, promises Defence Secretary Britain is splurging £265m on military cyber security – and that includes offensive capabilities, according to Defence Secretary Sir Michael Fallon. Speaking at the Royal United Services Institute yesterday, Sir Michael said the investment into the Cyber Vulnerability Investigations programme would “help us protect against these threats”. “The average cost of the most severe online security breaches for bigger companies starts at almost £1.5m, up £600,000 from 2014,” said Sir Michael, adding: “It’s only a matter of time before we have to deal with a major attack on UK interests.” So far Britain has managed to avoid the sort of targeted large-scale hacks that have seen big US tech companies such as Yahoo! see 500 million user accounts compromised, or the Target hack which saw millions of credit card and debit card details as well as names and addresses leaked into the hands of cyber-criminals. It seems, from Sir Michael's speech, that Blighty is gearing up to proactively attack any cyber-villains with designs on British internet infrastructure. Lauding various government security initiatives, including the National Cyber Security Centre in Victoria, London, the Defence Secretary said: “This cannot just be about our defence.
It must be about our offence too.
It is important that our adversaries know there is a price to pay if they use cyber weapons against us, and that we have the capability to project power in cyberspace as elsewhere.” Given that most large-scale hacks tend to be backed by states such as China and Russia, it seems that Sir Michael's speech is a public shot across their bows, warning them not to target Blighty – while simultaneously urging NATO to treat the Article 5 collective defence provisions as applying to cyberspace. Originally, Article 5 of the Washington Treaty, which founded NATO, was intended to ensure that any westward expansion of the Soviet Union would trigger World War Three by dragging Britain and America in, thereby keeping the Soviets and the Eastern Bloc's expansionist aims firmly under control. It is unlikely that many countries would take Article 5 seriously in the context of cyberspace, given that many NATO member states effectively ignore the treaty requirement for them to spend two per cent of GDP on military spending. ®