Tuesday 23 January 2018

The Guardian/Ewen MacAskill: Cyber-attack on UK a matter of 'when, not if', says security chief

The Guardian
Cyberwar

Cyber-attack on UK a matter of 'when, not if', says security chief

Exclusive: Ciaran Martin says Britain fortunate so far to avoid major, crippling attack

Ewen MacAskill Defence and intelligence correspondent

Mon 22 Jan 2018 20.00 GMT
Last modified on Tue 23 Jan 2018 01.00 GMT

Shares
262
Ciaran Martin, the head of the UK’s National Cyber Security Centre

The head of the UK’s National Cyber Security Centre has warned that a major cyber-attack on the UK is a matter of “when, not if”, raising the prospect of devastating disruption to British elections and critical infrastructure.
Advertisement

In remarks underlining newly released figures showing the number of cyber-attacks on the UK in the last 15 months, Ciaran Martin said the UK had been fortunate to avoid a so-called category one (C1) attack, broadly defined as an attack that might cripple infrastructure such as energy supplies and the financial services sector.

The US, France and other parts of Europe have already faced such attacks.

Interference in elections would also constitute a C1 attack, as would a deliberately provocative move by a hostile state.

During an hour-long interview with the Guardian, Martin said he anticipated such an attack in the next two years. “I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack,” he said.

He admitted total protection was impossible. “Some attacks will get through. What you need to do [at that point] is cauterise the damage,” he said.
Guardian Today: the headlines, the analysis, the debate - sent direct to you
Read more

Martin was speaking last week before a speech on Monday by the chief of the general staff, Sir Nick Carter, in which he highlighted the growing threat posed from cyber-attacks, in particular from Russia, both on the battlefield and on civilian services.

The NCSC, which is the front window for the government surveillance agency GCHQ, has been gradually building defences and is due to publish shortly a 60-plus page dossier outlining what has worked and what has not since it opened for operations in October 2016.

The most serious cyber-attack on the UK so far was the WannaCry ransomware attack in May last year that disrupted hospitals. In spite of its impact, the attack was classified as only C2 rather than C1, partly because there was no risk to life.

Figures for cyber-attacks since the NCSC opened through to December last year underline the pressure building on the UK from hackers. The NCSC recorded 34 C2 attacks, with WannaCry the most disruptive of these, and 762 slightly less serious C3 ones.
Advertisement

“Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date,” said Martin, who is chief executive officer at the NCSC and former director general for cyber-security at GCHQ.

Among serious breaches elsewhere are the hacking of the US Democratic party in the run-up to the 2016 White House election and an attack on a French television station in 2015, both blamed on Russia.

The NCSC, as part of its preparations against similar attacks, has been advising key departments and companies on vulnerabilities while intelligence agencies monitor potential hackers. There is also an emergency response team on constant standby.

Martin said one of the biggest lessons from 2017 was to fear reckless as much as controlled attacks. He considered WannaCry, which was blamed on North Korea, as an example of an attack in which the perpetrator loses control.

“What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn’t pan out in the way the attackers wanted to.”

As well as North Korea, intrusions have been blamed on Russia, China and Iran. Some of these, Martin said, were espionage-based, scouting out vulnerabilities in infrastructure for potential future disruption. Although the UK signed a treaty with China in 2015 not to engage in cyber-attacks for commercial gain, espionage was left out of the treaty.

“What we have seen from Russia thus far against the UK is a series of intrusions for espionage and possible pre-positioning into key sectors but in a more controlled form of attack from others,” he said.

The UK has publicly acknowledged its growing cyber-offensive capabilities. Martin, while saying it was a matter not for him but GCHQ and the Ministry of Defence, said: “Offensive cyber will be an increasing part of the UK’s security toolkit.”

But he cautioned against assuming a cyber-attack from another state would trigger a retaliatory cyber-attack, saying there were a range of responses from diplomatic pressure through to sanctions and indictments.

The Trump administration has raised the prospect of using nuclear weapons in response to a major cyber-attack.

Martin said he had not seen any successful attempt to interfere in the UK democratic process. The political parties had originally been suspicious about taking advice from an organisation linked to the intelligence agencies when the NCSC first opened.

When Theresa May called the UK general election in April, much of that reticence disappeared, Martin said, possibly because of the experience in the US and France.

“The main parties in the House of Commons did ask for and did receive guidance on the sort of threats they were likely to face and we worked with each of them,” Martin said.

Cyber-attacks appear to have made electronic voting less likely in the near future. “With the current state of high alert around elections, I think it make sense that there are not any current plans to move to electronic voting,” Martin said.

Electoral security is one of the areas in which the the NCSC is working closely with European Union counterparts. In spite of reports of concerns over security cooperation post-Brexit, Martin insisted: “There is significant momentum in Europe to get the European cybersecurity across the whole continent on a stronger footing and that is great.”

Among challenges facing Martin, he identified encouraging more girls to consider engineering and computing as a career. Of the NCSC’s 700-strong workforce, only 32% are female, though half of the roughly 20 senior management posts are held by women.
Since you’re here …

… we have a small favour to ask. More people are reading the Guardian than ever but advertising revenues across the media are falling fast. And unlike many news organisations, we haven’t put up a paywall – we want to keep our journalism as open as we can. So you can see why we need to ask for your help. The Guardian’s independent, investigative journalism takes a lot of time, money and hard work to produce. But we do it because we believe our perspective matters – because it might well be your perspective, too.

    I appreciate there not being a paywall: it is more democratic for the media to be available for all and not a commodity to be purchased by a few. I’m happy to make a contribution so others with less means still have access to information.
    Thomasine F-R.

If everyone who reads our reporting, who likes it, helps fund it, our future would be much more secure. For as little as £1, you can support the Guardian – and it only takes a minute. Thank you.
Become a supporter
Make a contribution
Paypal and credit card
Topics

    Cyberwar

    Cybercrime
    Espionage
    Hacking
    Internet
    Defence policy
    news

    Share on LinkedIn
    Share on Pinterest
    Share on Google+



    30 cleaning tips that… Life Tonik
    Leading Companies… TTGmice – Asia-Pacific’s Leading Meetings, Incentives, Conventions & Exhibitions Resource
    This Company Uses Sleep… Men's Fitness
    10 Ways to Accelerate… Intel Security -

About this Content
Most viewed

    World
    UK
    Science
    Cities
    Global development
    Football
    Tech
    Business
    Environment
    Obituaries

back to top

    become a supporter
    make a contribution
    securedrop
    ask for help

    advertise with us
    work for us
    contact us
    complaints & corrections

    terms & conditions
    privacy policy
    cookie policy
    digital newspaper archive

    all topics
    all contributors
    Facebook
    Twitter

© 2018 Guardian News and Media Limited or its affiliated companies. All rights reserved.

No comments: