Armed forces "fatally" reliant on IT, with no backup plans
By Stewart Mitchell
Posted on 9 Jan 2013 at 09:58
The UK's cyberdefence strategy has come under fire from the Defence Committee, with fears that British troops are "fatally" reliant on technology that isn't sufficiently protected.
The select committee report follows an investigation that included interviews with Ministry of Defence personnel. It concluded that the government needs to put in place better measures to protect its assets from cyber-attack, and provide better contingency measures should an attack prove successful.
"The Government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents," said James Arbuthnot, chair or the committee.
The report follows a significant increase in spending on cyberdefences, which were allocated £650 million in 2010, when a strategic defence and security review pushed cyberthreats up to a tier-one issue.
In the event of a sustained cyber attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology
The funding for both public and private sector organisations has shown positive results, the report found, but more remains to be done to protect critical infrastructure.
Most worrying is the fact that the committee believes there are no plans in place should an attack on UK systems cause widespread failure, which could damage both military and civilian systems.
"In the event of a sustained cyber-attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology," the committee concluded.
"We have asked the government to set out details of the contingency plans it has in place should such an attack occur. If it has none, it should say so – and urgently create some."
Chain of command
According to the MPs, there is also a lack of understanding over who would take charge in the event of a significant cyber-attack or in the event of a solar flare affecting UK systems, with concerns that confusion could lead to potentially serious delays.
"Before a 'lead government department' is identified for a particular cyber-incident there is a potential gap during which the Cabinet Office has a coordinating role but the location of executive authority is not clear," the reports said.
"It is vital that clear procedures are in place, and communicated, about how ownership of incident response is escalated when necessary from individual departments to higher, central authorities."
- Switching from iPhone to Android: what I miss, what I don't
- Tech City: Easy to score when you move the goalposts
- How to remove SkyDrive from the Windows 8.1 Explorer
- Switching from iPhone to Android? Switch off iMessage
- Why is Google pumping more money into Firefox?
- Sky Broadband Shield review
- Samsung Galaxy S4: how to double your battery life
- Motorola Moto G review: first look
- IBM Watson meets Willy Wonka
- Google’s support policies shove users towards Chrome
- The importance of load balancing
- Windows Phone App Studio: an easy way to create your first Windows Phone 8 app
- The end of Windows XP support: what it really means for businesses
- Don't rely on Chrome's password vault
- Using Buffer to manage your social media
- Microsoft needs its own Steve Jobs
- Forget credit cards: hackers want your Facebook account
- Can't get fast enough broadband? Here's what to do
- Leap Motion and the battle against UI stagnation
- How to build a really bad network