The head of Britain’s electronic spying agency warned Wednesday that the country is facing a “real and credible” threat of cyber attacks from hostile criminals abroad which could potentially damage its critical infrastructure.
Iain Lobban, director of the Government Communications Headquarters (GCHQ), said Britain’s infrastructure — such as emergency services and power grids — was at an increased risk as the rapid growth of the Internet made communications systems more vulnerable.
“We already provide expert advice and incident response to the operators of critical services,” he said. “We must continue to strengthen these capabilities and be swifter in our response, aiming to match the speed at which cyber events happen.”
Speaking at the International Institute for Strategic Studies in London, Lobban said he didn’t want to go into great detail about the threat to the UK’s “critical national infrastructure.” But said the threat posed by terrorists, organized criminals and hostile foreign governments was “real and credible” and he demanded a quicker response to match the speed with which cybercrime happened.
He warned that Britain’s economy could be at risk if effective protection measures against cyber attacks was not further developed.
Putting such protection in place would help “the UK’s continuing economic prosperity,” he said. “A knowledge economy needs to protect from exploitation the intellectual property at the heart of the creative and high-tech industry sectors.”
Lobban conceded his comments came as the coalition government prepares to give full details of sweeping cuts to defense and public sector spending next week. But, he argued, the cyber attack risk was not just a “national security or defense issue.”
“It goes right to the heart of our economic well-being and national interest.”
While GCHQ is more readily associated with electronic intelligence-gathering, Lobban stressed that it also has a role in security, referred to as “information assurance.” He said significant disruptions have already been caused in government systems by worms and viruses, though, not all were of deliberate consequence.
Each month there were more than 20,000 malicious emails on government computer networks, of which 1,000 were deliberately targeted at them. He said that intellectual property theft was also taking place on a “massive scale.”
Lobban said that while 80 percent of the threats could be dealt with through good information assurance practice, the remaining 20 percent was more complex and could not simply be solved by building better security walls.
While cyberspace presents potential security risks to the UK, Lobban said that it also offered opportunities if the UK could get its defenses right.
“There’s a clear defensive angle. In order to flourish, a knowledge economy needs to protect from exploitation the intellectual property at the heart of the creative and high-tech industry sectors. It needs to maintain the integrity of its financial and commercial services,” Lobban told BBC News.
“There is an opportunity which we can seize if government and the telecommunications sector, hardware and software vendors, and managed service providers can come together.”
It provides an opportunity to develop a “holistic approach to cyber security that makes UK networks intrinsically resilient in the face of cyber threats,” he said.
“That will lead to a competitive advantage for the UK. We can give enterprises the confidence that by basing themselves here they gain the advantages of access to a modern internet infrastructure while reducing their risks.”
On the Net: