Dr Fox began his speech by saying that, even as they dined, Britain’s interests were under attack, and that there was a continuous battle being…
Dr Fox began his speech by saying that, even as they dined, Britain’s interests were under attack, and that there was a continuous battle being waged on the cyber front, day in, day out:
Between 2009 and 2010, security incidents more than doubled,” he said. “Was this in Afghanistan? No - this was in cyberspace, and the target was the MOD.
I and my senior colleagues are routinely alerted to incidents that could have had severe consequences if they’d not been stopped.
Our systems are targeted by criminals, foreign intelligence services and other malicious actors seeking to exploit our people, corrupt our systems and steal information.
To give you an idea of the challenge, last year we in the MOD blocked and investigated over 1,000 potentially serious attacks. The risks to Defence are real, and I take them very seriously.
Dr Fox went on to tell the business representatives that success cannot be achieved by government alone, because, in cyberspace, there are few boundaries between government, business and every individual internet user. He continued:
We now see weekly reports of cyber attacks against businesses, institutions and networks used by people going about their daily lives. The cost to the UK economy of cyber crime is estimated to be in the region of £27bn a year and rising.
These are attacks against the whole fabric of our society. When it comes to cyber security we must fight this battle together.
Part of our response, Dr Fox said, must be to act internationally. He explained that the Foreign Secretary has set out seven broad principles which the UK sees as important, including the need for governments to act proportionally in accordance with international law, the need to provide proper protection for intellectual property, and the need to act collectively to tackle the threat of cyber criminality.
To take international dialogue forward, Dr Fox said the UK will host an International Cyber Conference in London in November to provide some focus to the currently fragmented international response to the challenges of cyberspace.
But, he said, UK government and business must also continue to act here at home, and said that is why, last autumn, as part of the Strategic Defence and Security Review, the Government allocated an extra £650m to create a National Cyber Security Programme, funding work across government, including the MOD, to strengthen our understanding of the threats and our resilience to them.
To read more about this see the story ‘Combating cyber attacks’ at Related News.
Dr Fox continued, saying:
The National Security Strategy recognises the threat of attacks from cyberspace as being in the top tier of our national security concerns. This threat is growing in scale and sophistication - my Department is a prime target.
Across the core defence networks there were an average of over a million security alerts every day.
Not all of this can be attributed to deliberate activity by adversaries - many are the result of the background noise of the internet and the unintended consequences of the interconnected environment in which we have to work. But, as I said earlier, many are potentially serious.
Dr Fox said that with the opening of the new Global Operations and Security Control Centre, the MOD has already made significant strides in ensuring that it can defend its departmental systems, but there is more to do.
He added that, working with its information and communication technology suppliers, the MOD will continue to develop the defensive capability of its systems and will continually re-evaluate its budgetary plans with the evolving threat.
But, Dr Fox continued, a new type of partnership will be required if UK government and businesses are to survive this new battle in cyberspace. He said:
Fundamentally, we must recognise that cyberspace is now where most business is done. The recent Sony incident and the phishing attacks on the Google accounts of US officials have proven that a passive approach to cyber security is not enough.
Detica’s recent study of the costs of cyber crime suggest that the aerospace and defence sector is particularly exposed - losing £1.6bn per year as a result of espionage and the theft of intellectual property.
As I look across the defence and security industries, I see a complex supply chain with many companies, all of whom use the internet to do business, and all of whom are vulnerable to cyber intrusions.
The reality is that increasingly we will worry about how seriously our suppliers take account of the cyber security threat when we are placing our business, so I am encouraged by the recent joint initiative by A D S [the UK’s Aerospace, Defence and Security Trade Organisation] and Intellect [the trade association representing the UK technology industry].
So, we will establish a new partnership with you - I will make sure that my Department plays its part by being more open about the scale and nature of the threat, and by tackling barriers to international co-operation on cyber security matters with our key allies.
But I look to you to recognise the seriousness of this issue - and to work with me to improve our national security and our competitive advantage.
See Related Links to read Dr Fox’s speech on cyber security in full.