Iain Lobban, the director of communications intelligence agency GCHQ, has warned that the UK is facing a very real threat from cyber attacks with organisations from a wide variety of industries targeted.
"The volume of e-crime and attacks on government and industry systems continues to be disturbing," Lobban wrote in the Times.
"I can attest to attempts to steal British ideas and designs – in the IT, technology, defence, engineering and energy sectors, as well as other industries – to gain commercial advantage or to profit from secret knowledge of contractual arrangements," he added.
"Such intellectual property theft doesn’t just cost the companies concerned; it represents an attack on the UK’s continued economic wellbeing," Lobban warned.
CBR rounds up some of the reaction to his comments:
Paul Davis, Director of Europe, FireEye
The comment made by the GCHQ about the level of Cyber Attacks being targeted at the UK comes as no real surprise. It’s vital that we see the Government take decisive action to protect our critical infrastructure, particularly with the global spotlight of the Olympics being shone on the UK in 2012.
Now is the time to stop talking about what should be done and instead start adopting proactive and defensive measures to minimise the risk of attack and mitigate its impact. The resources and budget need to be allocated and deployed so that we are no longer allowing outside entities access to confidential internal information in either the public or private sphere.
The most concerning thing about these headline-grabbing attacks are that they are just the tip of a vast iceberg of attacks that occur every day. Most attacks incorporate Web-based and Email-based infection tactics and "stealth" technology to remain under the radar once they are in the network. The state of IT security has reached this point because conventional defensive security technologies have remained relatively stagnant in the face of a fast evolving offensive threat.
The sheer volume and escalating danger of modern attacks are overwhelming limited IT resources and out manoeuvring our conventional defences. It’s time for a serious rethink about how the government, business and the security industry address the escalating problem of cybercrime and cyberwarfare.
Frank Coggrave, general manager EMEA, Guidance Software
GCHQ chief Iain Lobban’s announcement that cyber attacks on the UK are at "disturbing levels" with criminals extorting money, stealing identities and targeting the vulnerable, will come as no surprise to most.
The only way to protect individuals’ freedom and privacy is to make a concerted drive for open sharing and communication of threats. This means that government security services and commercial organisations must work together and consistently keep each other abreast of increasing risks and identified threats.
Cyber attacks are still very difficult to attribute; this is how they’ve been designed and how they continue to stay beneath the radar. Crucially, this is not just an issue for Governments and policy makers – businesses need to raise the bar on their security way beyond AV and firewalls; measures that are no longer enough to protect against today’s advanced threats.
Ross Brewer, VP and managing director for international markets, LogRhythm
While the government says it ranks cyber security as a top priority it is worrying that Chatham House believes there is a reluctance to share information with private companies. Key services are increasingly outsourced to the private sector with large proportions of critical national infrastructure under private ownership.
While international co-ordination on cyber crime is important, it is vital the government extends this approach to its private sector partners as the Advanced Persistent Threats (APTs) used by attackers to steal data specifically seek out the weak links in any system in order to penetrate networks.
Chatham House has criticised these companies for accepting high levels of risk and repeated high profile incidents have shown that public sector organisations are no strangers to data breach. Securing critical national infrastructure, and the intellectual property that generates so much revenue for the UK economy, depends on a change in the way we view the cyber threat.
Traditional perimeter security solutions will always be a key part of security strategy but it is now far more important that organisations have systems in place that can detect anomalies as they occur so that they can be responded to immediately.
All organisations now require systems to be in place that can both collect and analyse 100 percent of logs in real time – only this approach can provide the traceability needed to identify patterns in seemingly unrelated incidents. GCHQ already has its Good Practice Guide no.13 (GPG 13) in place that recommends this kind of ongoing Protective Monitoring to public sector bodies. The private sector would be well advised to take a look at the GPG 13 requirements to see how they could be integrated into their own data management and security strategies.
Mark Darvill, CTO, AEP Networks
States are engaged in an ‘arms race’ akin to that which we saw during the cold war. All major states have cyberwarfare programmes in place, (whether acknowledged or not) and are developing increasingly sophisticated techniques for both defensive and offensive purposes. The difference with the cold war is that states are actually attacking each other on a regular basis.
Many of these attacks are more like ‘reconnaissance’ missions in traditional warfare – they are designed to identify weak spots in an enemy’s national critical infrastructure and test their defences to plan for future attacks. This is why it is essential that both UK Government bodies and major private sector firms demonstrate robustness in terms of cyber defence to thwart these attacks at the first opportunity since once inside the network they become more difficult to defend against.