(Original script, may differ from delivered version)
I’m delighted to be joining Mrs Pribilović, Montenegrin Minister of Public Administration, to open this first in a series of three National Awareness Raising Round Tables on cyber security, this one looking at the growing threat of state-sponsored attacks in cyberspace, in order to facilitate a discussion on how best to identify and respond to these attacks, and to explore models for establishing national cyber-resilience and comprehensive cyber defences.
As our digitally connected world expands at an extraordinary rate, so to does the scale of vulnerabilities and the frequency of attacks that we face. Thousands of public and private sector organisations worldwide are falling victim to ransomware attacks. Global supply chains are being compromised. Critical national infrastructure continues to be a target for attack from nation states and cyber criminals. And we are seeing threats to our democracies from attempted outside interference.
As the British Home Secretary told an international conference in April, over the last year we’ve seen a significant increase in the scale and severity of malicious cyber activity globally. We know there are several established, capable states seeking to exploit computer and communications networks in contravention of their obligations under international law.
The UK, Montenegro and other allies are concerned about the scale and complexity of cyber attacks from hostile states, groups and individuals who use cyber tools to commit crimes, to project power, to intimidate their adversaries, and to influence and manipulate societies in a manner that makes definitive attribution difficult.
The UK National Cyber Security Centre has reported that it is currently repelling around 10 attempted cyber attacks every week and ‘hostile states’ are said to be responsible for the bulk of these. The UK believes that the majority of these attacks are perpetrated from within nation states in some way hostile to us. They are undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries.”
And so we have started to work with partners to call out this activity. You will have seen the UK’s recent attribution of a range of malicious cyber attacks to the work of the Russian Military Intelligence. This builds upon a host of cyber attacks we attributed with our international partners - including the WannaCry incident, one of the most substantial to hit the UK in terms of scale and disruption, to North Korean actors.
These are difficult and sensitive subjects. There is no perfect solution, as the way we use the internet – both for benign and malign purposes continues to evolve - so states’ responses and the steps we take to build resilience must also evolve.
The perpetrators of cyber attacks are difficult to identify because states do not attack directly, but through proxies; because of the growing use by states of cyber capabilities together with other techniques to achieve so-called hybrid attacks; and, the cumulative, destabilising effect of persistent, lower impact, state-sponsored cyber-attacks on a victim state or states.
The only effective way to face these shared threats is jointly: which is why the UK stands strong with its international partners and allies, and is working alongside them to confront, expose, and disrupt hostile or malicious activity. In the UK, we have learnt that our ability to provide successful cyber security relies on the strength of the partnerships we create: partnerships across government and agencies, and also between the public and private sectors, involving academia and civil society as appropriate.
So, the UK will continue to reaffirm our shared vision for an open, peaceful and secure digital world based on the rule of law and norms of behaviour.
Cyber security is a priority in the UK-Montenegrin bilateral relationship because it affects the security and prosperity of both our countries. It is something that President Đukanović discussed with the British government when he visited London last week. This Round Table couldn’t be more timely. I wish you fruitful and productive discussions and I look forward to building on your conclusions going forward.