By Jonathan Newell
An announcement has been made by Philip Hammond, the UK Government's Defence Secretary, that the country is set to create a new cyber defence force with the MoD recruiting hundreds of reserve computer experts from different disciplines to operate in conjunction with the armed forces in what has been dubbed the "Joint Cyber Reserve Unit".
The unit's purpose is to protect the country from online attacks and for the country to be able to launch its own cyber strikes. This is the first time that any country has been open about having the ability to strike at other countries' IT infrastructures.
Cyber-attack readiness should be expected
IT security company McAfee believes that these developments are the right steps for the country to be taking as cyber threats become similar in effect to physical threats. The explosion of connectivity in the country means that cyber attacks could render significant damage at the foundations of the country's infrastructure.
However, McAfee believes that protecting against such threats is not something for the Government and its new reserve unit alone.
McAfee's Graeme Stuart told us: "Our priority should be to ensure that the networks and devices securing our critical infrastructure are totally secure, which not only requires physical security but also a complete shift in the mindset of UK organisations. The top level attention to cyber security has to be adopted throughout organisations and individuals as a joint responsibility – government and citizens need to work together ensuring that the basic knowledge needed to protect against the ever growing threat is ingrained in our national consciousness.”
Doctor of Military Science and Director of Cyber Security at Stonesoft, Jarno Limnell has a lot of experience in national cyber-defence. Jarno has advised the EU, NATO and the Finnish Defence Forces on the issues of cyber security defence. He believes that the announcement from Philip Hammond is part of the need for the UK to be able to convince its cyber-enemies that it has the capability to defend itself and launch its own attacks. These offence capabilities are an important part of the whole scenario since, according to Jarno, any future wars will involve cyber activities of some kind.
Jarno Limnell continued that whilst the announcement should come as no surprise now, it will be seen as completely normal in the future. He told us: "Within the next couple of years the world will experience an increasing number of intentionally executed and demonstrated cyber-attacks resulting in militaristic and economic damage but also loss of civilian life. With ever-heightened awareness amongst the general public of the threats the UK is beginning to face, not just from other states but also rogue-factions, the development of offensive cyber-weapons will become fiercer and publicly more acceptable".
The start of a cyber arms race
Entrepreneur and founder of IT defence company, Evgeniy Kaspersky has long called for nations to take some action to adequately defend themselves against international cyber attacks and expresses some surprise that the UK considers that offence is the best way of defending itself. He believes that the adoption of such a posture runs the real risk of starting a cyber arms race with other countries also adopting a position of offence.
Senior Security Researcher at Kaspersky Lab, David Emm explained: "A cyber offence escalation would increase the risk of the technologies involved ending up in the wrong hands – to be manipulated for malevolent ends. Unlike traditional weapons, tools used in cyberwarfare are very easy to clone and reprogram by adversaries to be used in sustained strikes.
"It’s imperative for countries to understand the possible consequences – the specific dangers and potential damage – of cyberwar before developing offensive cyberweapons. The only effective way to counter this trend is for governments to work together towards the establishment of a cyber arms limitation agreement to prevent the continued escalation of cyberattacks".
IT security analysis company, LogRhythm shares the misgivings of Kaspersky, and cautions the UK Government to "know thy enemy" before launching into any form of conflict. The company believes that the consequences on diplomatic and international relations could be disastrous. This is especially the case if mistakes are made on the origin or nature of attacks and the assumed perpetrators and presumed enemies turn out to be nothing of the sort, a mistake that is easy to make in the complexities of cyber space.
LogRhythm's Ross Brewer told us: “Before launching any pre-emptive strike, government organisations must make sure that they have all of the facts in hand – something that can only be achieved by truly understanding every single piece of activity across their networks. To gain this level of visibility, proactive, continuous monitoring of all IT networks must be in place to ensure that any intrusion or anomaly can be detected before the problem snowballs".
IT security skills dilemma
The skills gap in the UK private sector for IT security specialists of the right level is a significant problem which the introduction of the reserve unit could either exacerbate or resolve, depending on how it's handled. FireMon believes that this is something that the MoD needs to address as part of its recruitment plan.
According to Ruby Khaira of FireMon, "The real issue, as I see it, is being able to find enough computer experts to build an effective force, with a distinct shortage of security personnel within the private sector, this could be a very real problem. The MoD therefore will likely need to have a robust training plan in place to train those they hire for the cyber defence force, and will then need to offer a good enough package to keep those security professionals from moving to the private sector".
It isn't just about the usual approach to cyber-security which is to take IT professionals and train them in security. IT and Defence specialist Thales believes in a more holistic approach to security which combines multiple skills in IT and industry to create a professional who has a much broader understanding of the risks faced by critical infrastructure, the very risks that national cyber defence teams are most likely to face.
Thales' Director of Cyber Security, Peter Armstrong told us: “By re-skilling its existing force in cyber security, the Ministry of Defence has addressed the blurring of the lines between physical and virtual defence which has become prevalent over the past decade. With the advent of cyber espionage and attacks which threaten national critical infrastructure, the need for a holistic approach to national security is long overdue. It’s great to see the Ministry of Defence taking its share of responsibility for this alongside its traditional physical defence remit".
"In addition, and just as importantly, this move will help enormously in positioning public sector cyber security as an attractive career prospect for the next generation.”
Jonathan Newell is a broadcast and technical journalist specialising in security systems and transport safety. He contributes to a range of titles in the technical press. He shares his time between the UK and Kazakhstan