Armed forces "fatally" reliant on IT, with no backup plans
By Stewart Mitchell
Posted on 9 Jan 2013 at 09:58
The UK's cyberdefence strategy has come under fire from the Defence Committee, with fears that British troops are "fatally" reliant on technology that isn't sufficiently protected.
The select committee report follows an investigation that included interviews with Ministry of Defence personnel. It concluded that the government needs to put in place better measures to protect its assets from cyber-attack, and provide better contingency measures should an attack prove successful.
"The Government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents," said James Arbuthnot, chair or the committee.
The report follows a significant increase in spending on cyberdefences, which were allocated £650 million in 2010, when a strategic defence and security review pushed cyberthreats up to a tier-one issue.
In the event of a sustained cyber attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology
The funding for both public and private sector organisations has shown positive results, the report found, but more remains to be done to protect critical infrastructure.
Most worrying is the fact that the committee believes there are no plans in place should an attack on UK systems cause widespread failure, which could damage both military and civilian systems.
"In the event of a sustained cyber-attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology," the committee concluded.
"We have asked the government to set out details of the contingency plans it has in place should such an attack occur. If it has none, it should say so – and urgently create some."
Chain of command
According to the MPs, there is also a lack of understanding over who would take charge in the event of a significant cyber-attack or in the event of a solar flare affecting UK systems, with concerns that confusion could lead to potentially serious delays.
"Before a 'lead government department' is identified for a particular cyber-incident there is a potential gap during which the Cabinet Office has a coordinating role but the location of executive authority is not clear," the reports said.
"It is vital that clear procedures are in place, and communicated, about how ownership of incident response is escalated when necessary from individual departments to higher, central authorities."
Is your business a social business? For helpful info and tips visit our hub.
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- How to turn off Google Location Tracking
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office