Go Back | Print | A A A

UK's MI5 details how to tackle the Cyber threat

DOD says Cyber Pro discusses Mobile Network Security Challenges

Cyber crime, espionage and attacks pose a major threat to the national security and economic success of the UK. A year ago, the Government launched its National Cyber Security Strategy to set out how the UK can support economic prosperity, protect national security and protect our way of life by building a more trusted and resilient digital environment. These key objectives are the focus of IA12, the Government's annual information assurance event, which starts today in London.

The Security Service and the UK's other security and intelligence agencies play an important part in helping to tackle the cyber threat to the UK. It is the focus of an increasing proportion of our efforts. A new set of pages on the MI5 website have been published to explain what is being done in this area:

Cyber

"Cyberspace" is the term used to describe the electronic medium of digital networks used to store, modify and communicate information. It includes the Internet but also other information systems that support businesses, infrastructure and services. We all rely on the availability of these systems on a daily basis. A secure online environment is essential to HM Government, which is providing an ever-increasing number of online services, to UK business and to ordinary people. It is central to the delivery of public and commercial services and communications.

However, some individuals and groups use cyberspace for malicious purposes. We call these people `hostile actors' and they exploit cyberspace to conduct espionage operations or launch damaging computer network attacks.

A wide range of hostile actors use cyber to target the UK. They include foreign states, criminals, 'hacktivist' groups and terrorists. The resources and capabilities of such actors vary. Foreign states are generally equipped to conduct the most damaging cyber espionage and computer network attacks.

Hostile actors conducting cyber espionage can target government, military, business and individuals. They use computer networks to steal large volumes of sensitive data undetected. This might include intellectual property, research and development projects, strategic data on a company's merger and acquisition plans or any other information that the owner might want to protect.

Cyber espionage should be viewed as an extension of traditional espionage. It allows a hostile actor to steal information remotely, cheaply and on an industrial scale. It can be done with relatively little risk to a hostile actor's intelligence officers or agents overseas. We call this activity Computer Network Exploitation (CNE).

Hostile actors can also use malicious software (or malware) to disrupt and damage cyber infrastructure. This can range from taking a website offline to manipulating industrial process command and control systems. Such activity is known as Computer Network Attack (CNA).

Cyber espionage presents a real risk to the economic well-being of the UK. It poses a direct threat to UK national security.

How is MI5 tackling the cyber threat?

The Security Service, together with the other UK's intelligence agencies (MI6 opens in a new window and GCHQ opens in a new window), works to tackle the cyber threat along with other Government Departments and industry. Our work is carried out as part of the UK Cyber Security Strategy opens in a new window. Published in 2011, the Strategy states: "Our vision is for the UK in 2015 to derive huge economic and social value from a vibrant, resilient and secure cyber space, where our actions, guided by our core values of liberty, fairness, transparency and the rule of law, enhance prosperity, national security and a strong society."

We have a number of teams dedicated to tackling the cyber threat to the UK. These teams carry out a range of work including:

• Identifying cyber espionage operations targeting UK industry and gathering intelligence in order to better understand the threat posed.
• Providing protective security advice to the UK's Critical National Infrastructure and companies of greatest economic importance to the UK through the Centre for Protection of National Infrastructure (CPNI).
• Responding to state-sponsored computer network attacks by engaging with and assisting victims.
• Reporting to government and other stakeholders on the cyber threat to help policy makers decide how best to ensure the UK's cyber security.

This work is currently part-funded by the National Cyber Security Programme (NCSP), a Cabinet Office-led initiative derived from the UK National Cyber Strategy. It funds a range of projects to improve the UK's ability to protect its interests in cyberspace and to address threats from states, criminals and terrorists. It also looks for new opportunities to use cyberspace to benefit the UK's future prosperity and advance its security interests. Our work aims to make it as difficult as possible for hostile actors to use cyberspace to damage the UK's national security and economic well-being.

Cyber and the law

Our responsibilities for counter-espionage work are defined in the Security Service Act 1989 opens in a new window, which states:

"The function of the Service shall be the protection of national security and, in particular, its protection against threats from espionage, terrorism and sabotage, from the activities of agents of foreign powers and from actions intended to overthrow or undermine parliamentary democracy by political, industrial or violent means.

"It shall also be the function of the Service to safeguard the economic wellbeing of the United Kingdom against threats posed by the actions or intentions of persons outside the British Islands."

Our work on the cyber threat falls under both headings in that it protects both national security and economic well-being. The UK's national security benefits from our work to defend UK organisations and the public from damaging computer network attacks and cyber terrorism. In helping UK businesses to defend themselves from cyber espionage operations, we help to secure the country's economic well-being.

Hostile actors located in the UK can be prosecuted under a number of statutes. The Computer Misuse Act 1990 opens in a new window was introduced primarily to deal with computer offences such as gaining unauthorised access to networks. The law was updated by the Police and Justice Act 2006 opens in a new window to cover new offences such as carrying out denial of service attacks. It provides for sentences of up to 10 years' imprisonment. The Criminal Law Act 1977 opens in a new window has also been used to prosecute offences of conspiring to carry out computer misuse. The police and Crown Prosecution Service opens in a new window are responsible for arresting and prosecuting individuals who have broken these laws. As with terrorism and espionage, we collaborate with law enforcement agencies to tackle the cyber threat.

What can businesses and the public do to protect themselves?

There are many simple steps that business and the public can take to improve their cyber security. Good cyber security depends on a combination of both technical measures and human behaviour.

For example, an anti-virus system will go some way to preventing malicious activity on computer networks but it will become ineffective if the user does not ensure that it is kept up to date. Similarly, if staff in an organisation are educated not to open suspicious emails, this can help to prevent their organisation becoming a victim of cyber espionage.

To know more, click here.

Read more Urgent action is needed in order to combat emerging cyber-attack trends, says ENISA EU Cybersecurity plan to protect open internet and online freedom and opportunity US Defense Secretary Panetta warns Cyber Threat growing quickly European Council and European Parliament reach agreement on new mandate for the EU Network and Information Security Agency US Defense Chief Dempsey discusses Cyberattacks, other issues in NBC Interview Awareness is not enough, says EU Commissioner Kroes days before introducing EU Cybersecurity Strategy Australia establishes a Cyber Security Centre in Canberra US Air Force Space Command to bolster Cyber Force New Zealand and the UK share a common position on Cybersecurity US National Intelligence Council forecasts Megatrends

view original source

FOLLOW US

diplonews.com/rss
facebook.com/diplonews
twitter.com/diplonews_com

Sign up for DiploNews' free Weekly Newsletter, click here.

DISCLAIMER:
Parts of or the whole information published on this page is likely to originate from Official Institutions like Governments, Ministries, Embassies and States. Its reproduction on this page does not constitute any endorsement from DiploNews and any of its affiliates and/or partners. If titles are sometimes modified for better understanding, the contents are reproduced exactly as delivered by the institution that first published it. To know the exact origin, click on 'view original source' at the end of the page. All information that originates from DiploNews is copyrighted and cannot be reproduced without written express authorization from DiploNews.

Receive our Free Newsletter

__ SUBSCRIBE

23 MAY 2013 Neither appeasement nor a collapse, South Korea displays its foreign policy ambitions

23 MAY 2013 Tension mounts between Bahrain and Iran, it is politically-motivated says the UAE

22 MAY 2013 Beijing and New Delhi realize bilateral relationship can become the world's epicenter

22 MAY 2013 Sein's visit adds Myanmar to President Obama's foreign policy achievements

21 MAY 2013 Egypt still wants Assad out of the equation of power in Syria

21 MAY 2013 France rejects UNGA decision on New Caledonia, Argentine takes advantage of it

20 MAY 2013 Arctic Council welcomes 7 new observers, extends diplomatic reach

20 MAY 2013 Obama praises a partnership that delivers, Erdogan celebrates a historic day

20 MAY 2013 Northeast Nigeria declared in state of emergency, growing security concerns

18 MAY 2013 Australia and Sweden reach milestone agreement for future Submarines