Monday, October 18, 2010

Britain under threat from cyberattacks

International terror attacks and cyberattacks have been cited as the biggest threats to Britain and its interests, according to a government report. The new national security strategy sets out several forms of attack which might target Britain. They include phishing attacks which attempt to steal data and financial resources. But amongst the more serious types of attacks would be those foisted against infrastructure such as the electricity grid or air traffic control systems.

To counter the threat, the British government has announced an extra £500 million to help protect key infrastructure and defence assets. Talking about the initiative prime minister David Cameron said the UK must "radically transform" the way it plans for threats in "an age of uncertainty".

Set up in May, the National Security Council identifies 16 threats to the UK. The most serious they call "Tier 1" which comprises acts of international terrorism, hostile computer attacks on UK cyberspace, a major accident or natural hazard such as a flu pandemic, or an international military crisis between states that draws in the UK and its allies.

"We are entering an age of uncertainty," the report states. "This strategy is about gearing Britain up for this new age... weighing up the threats we face and preparing to deal with them. As a government we have inherited a defence and security structure that is woefully unsuitable for the world we live in today. We are determined to learn from those mistakes and make the changes needed." Speaking to the BBC earlier today, foreign secretary William Hague said the cyberattack was "a rapidly growing threat". The foreign secretary went on to say that Britain should be better prepared and that "such attacks in the future could become a major threat".

Scenarios in "Tier 2" include an attack on the UK using weapons of mass destruction, a civil war in a region of the world which terrorists could exploit to threaten the UK or an significant rise in organised crime.

A conventional large-scale attack on the UK is ranked only in "Tier 3" of possible dangers, alongside disruption to oil and gas supplies, a serious accident at a nuclear power station, an attack on a Nato ally and interruptions to food supplies. Home Secretary Theresa May told the BBC Radio 4's Today programme that the country was "facing a very serious threat from international terrorism... we must all be vigilant."

While terrorist groups are amongst the list of potential enemies, there was no specific organisation named. Cyberattacks perpetrated by nation states is also a real danger but there was no finger pointing within the report. However there is much speculation as to who might launch such attacks. 

Some academics have dismissed the claims that a cyberattack could be as devastating as described. But speaking ahead of the Prime Minister's announcement, Sir Malcolm Rifkind, chairman of the ISC, said cyberattacks could pose "very massive problems". Earlier this year there was a clear example of how such an attack might manifest itself after it was revealed that Iranian nuclear power stations were targeted with the Stuxnet virus. China has been blamed for perpetrating many attacks on western interests including attempted hacking attempts on Google and several other companies last November. The accusations were angrily refuted by China, but the issue resulted in a war of words and Google moving its search engine from the Chinese mainland to Hong Kong where it is not required to self-censor search results.

Cyber threat is nothing new

For those that have followed the threat of a cyberwar closely, today's report is nothing new. In March this year The Times claimed that the cyberwar had already been declared as China sought intelligence from the West. "Everyone has been made aware that the Chinese have become very active with cyber-attacks and we're now getting regular warnings from the office for internal security," a Nato diplomatic source told the Times. 

Sources at the Office for Cyber Security at the Cabinet Office in London said there were two forms of attack: those focusing on disrupting computer systems and others involving "fishing trips" for sensitive information. As a result, a special team had been set up at GCHQ, the British government communications headquarters in Gloucestershire, to counter the growing cyber-threat affecting intelligence material. 

According to a report released in March in the US, the number of attacks on Congress and other government agencies had risen exponentially in the previous year to an estimated 1.6 billion every month. The attacks were not confined to the US however. James Lewis, of the Centre for Strategic and International Studies, said, "The porousness of the European institutions makes them a good target for penetration. They are of interest to the Chinese on issues from arms sales and nuclear non-proliferation to Tibet and energy."

The threat from China

Jonathan Evans, the Director-General of MI5, warned in 2007 that several states were actively involved in large-scale cyberattacks. Although he did not specify which states were involved, many security officials have indicated that China now poses the gravest threat. Dr Lewis says that neither the US nor any of its Western allies had formed an effective response to the Chinese threat, which has its origins in a massive boost to Chinese technology ordered by Deng Xiaoping, the late Chinese leader, in 1986. The West's own cyber offensives have so far been directed largely at terrorists rather than nation states. This, Lewis argues, has given China virtually free rein to penetrate Western systems with its own world-class hackers and increasingly popular Chinese-made components.

In fiction, China has clearly become the new bogeyman. In a recent episode of Spooks, which follows the work of a group of MI5 Officers, a trio of highly skilled Chinese agents engaged in industrial espionage was the focus. In one scene an MI5 officer exclaims, "you know as much as I do China is only heading in one direction, more oppression and more control..."

Fiction maybe but there are some truly concerned by China's real motives. Whitehall departments were allegedly first targeted by Chinese hackers in 2007. Later that year Jonathan Evans, director-general of MI5, wrote to 300 chief executives warning of potential Chinese hacking attacks and data theft. In the year up to November 2009 Britain suffered 300 cyber intrusions, defined as a sophisticated attempt, successful or not, to steal data or sabotage systems, on government and military networks [Times]. The Office for Cyber Security (OCS), established by the Cabinet Office, was created in the autumn of 2009 after a warning by intelligence chiefs that China may have acquired the ability to cripple key points of infrastructure such as telecommunications.

Joining forces

Britain has already joined forces with America to counter such attacks, but Europe also needs to be more assertive and join the effort. From a Chinese perspective, Europe is regarded as an increasingly divided and enfeebled entity, unable to negotiate with one voice and rapidly being overshadowed by a deepening US-China relationship. The China threat also spreads into areas other than cyberattacks. National governments, led by Britain and France, are concerned that European Commission attempts to seize control of the EU foreign service will delay its creation and allow China to continue to "divide and rule" Europe's 27 member states. The Commission is fighting hard to keep its control over EU-China negotiations on trade, economy, energy or climate change but this would jeopardise the national demands that new EEAS [European External Action Service] embassy be "much more substantial, political and joined up than now". One Brussels official warned, "If they try and take away some out our competence in these areas, we will tie the EEAS up in legal knots and delay." [Telegraph].

The economic war and the cyberwar are posing increased threats to western interests. And without concerted efforts to counter these threats, the West has much to lose. Security analysts say 20 countries, in addition to China, are actively engaged in so-called asymmetrical warfare, a term that originated with counterterrorism experts that now commonly refers to cyberattacks designed to destabilize governments. Countries engaged in this activity range from so-called friendly nations, such as the United Kingdom and Israel, to less friendly governments like North Korea, Russia, Kazakhstan, and Uzbekistan.

"There are least 100 countries with cyber espionage capabilities," warns Alan Paller, director of research at the SANS Institute, an information security and training firm. Today there are thousands of hackers working on such programs around the world, "including al Qaeda cells that are acting as training centers for hackers," he said. 

"Widespread problem"

"It's been a widespread problem for some time," says University of Texas at San Antonio professor and cyber security researcher Ravinderpal Sandhu. Paller and others agree, adding that the Google incident, in which the Internet giant discovered e-mail and corporate sites had been extensively hacked by programmers on the Chinese mainland, represented just the tip of the iceberg. "The Chinese air force has an asymmetrical warfare division" charged with developing cyberwarfare techniques to disable governments' command and control systems, says Tom Patterson, chief security officer of security device manufacturer MagTek Inc. "They are fully staffed, fully operational and fully active. And when you aim a governmental agency that size against any company, even the size of Google, well, it's an overwhelming force," Patterson says. "It's been going on in China since at least at least May 2002, with workstations running 24 hours a day, 7 days a week," Peller says [Fox News].

In February this year, CNN aired a special programme which looked at the possible repercussions of a concerted cyberattack aimed at disrupting US infrastructure. Wolf Blitzer presented the hypothetical scenario We Were Warned, Cyber Shockwave and discussed the issues with several former administration and national security officials. In the discussion that followed the panel pointed the fingers at terrorists and at certain countries capable of launching such an attack. "Well, you heard it in the context of the scenario -- the Chinese and the Russians have this capability," said Francis Townsend, a White House Homeland Security Adviser from 2004 to 2008. A retired USAF General Charles F Wald said, "I think the scenario we saw today is believable." But he said more needed to be done to protect the US and its allies. "I think we're preparing for it. I don't think we are prepared as much as we should be," Wald said. [CNN Transcript]. Clearly the British government has seen the writing on the wall.

Additional reports: BBC / Al Jazeera / Sky News / Telegraph / Guardian / Daily Mail / PA]
See also: tvnewswatch Cyberwar declared as China's attacks increase March 2010

tvnewswatch, London, UK

No comments: