Armed forces "fatally" reliant on IT, with no backup plans
By Stewart Mitchell
Posted on 9 Jan 2013 at 09:58
The UK's cyberdefence strategy has come under fire from the Defence Committee, with fears that British troops are "fatally" reliant on technology that isn't sufficiently protected.
The select committee report follows an investigation that included interviews with Ministry of Defence personnel. It concluded that the government needs to put in place better measures to protect its assets from cyber-attack, and provide better contingency measures should an attack prove successful.
"The Government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents," said James Arbuthnot, chair or the committee.
The report follows a significant increase in spending on cyberdefences, which were allocated £650 million in 2010, when a strategic defence and security review pushed cyberthreats up to a tier-one issue.
In the event of a sustained cyber attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology
The funding for both public and private sector organisations has shown positive results, the report found, but more remains to be done to protect critical infrastructure.
Most worrying is the fact that the committee believes there are no plans in place should an attack on UK systems cause widespread failure, which could damage both military and civilian systems.
"In the event of a sustained cyber-attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology," the committee concluded.
"We have asked the government to set out details of the contingency plans it has in place should such an attack occur. If it has none, it should say so – and urgently create some."
Chain of command
According to the MPs, there is also a lack of understanding over who would take charge in the event of a significant cyber-attack or in the event of a solar flare affecting UK systems, with concerns that confusion could lead to potentially serious delays.
"Before a 'lead government department' is identified for a particular cyber-incident there is a potential gap during which the Cabinet Office has a coordinating role but the location of executive authority is not clear," the reports said.
"It is vital that clear procedures are in place, and communicated, about how ownership of incident response is escalated when necessary from individual departments to higher, central authorities."
- Google Glass: mugger bait, pub problem and other lessons learned from two dangerous weeks
- Twitter, please don't fiddle with my feed
- How Satya Nadella can get some pay-raise karma
- Windows 10: a step back to go forward
- Michael Dell: Cloud infrastructure is the roads, bridges and highways of the 21st century
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office