Chatham House report critical of institutions for putting up with high level of risk
The UK government is reportedly not doing enough to protect critical systems such as power and water from cyber attacks, according to think tank Chatham House.
The BBC reported that Chatham House said it found that some institutions were reluctant to share information with institutions that might be targeted by cyber criminals. The think tank was alos critical of the institutions for putting up with an "unacceptably high level of risk."
The UK government, which is expected to release a new cyber security plan soon, has pledged to fight against cyber crime. It has earmarked £650m of additional funding last year towards cyber security, of which £130m is supposed to be spent for critical infrastructure projects.
The Chatham House report raises concerns over the use of funds considering "the vast majority of critical infrastructure in the UK is privately owned."
Chatham House cyber security researcher David Clemente told the BBC, "Many only pay attention to it [cyber threat] after something unpleasant has happened to them or a competitor and they realise they have to pay attention, perhaps throw some money at the problem."
Earlier this year, a government report said that cyber crime is costing the UK economy £27bn every year with businesses being the most affected.
The security minister Baroness Neville-Jones announced the report that was commissioned by the Cabinet Office into the integrity of computer systems and threats of industrial espionage.
Companies in the pharmaceutical, biotech, IT and chemical sectors are the worst hit according to the study by the Office of Cyber Security and Information Assurance.
The report said that large companies are being targeted and loss through intellectual property (IP) theft was £9.2bn, industrial espionage was £7.6bn and extortion was £2.2bn.
Overall, in the UK while businesses lost £21bn, while individual Britons lost £3.1bn and government lost £3.1bn. The Cabinet Office said that the real loss could be higher.
Security minister Baroness Neville-Jones said the government was determined to work with industry to tackle cyber crime.
Cyber security of critical infrastructure has assumed significane in the wake of the Stuxnet worm attack, which paralysed Iran’s nuclear facilities.
Iran has claimed that German engineering company Siemens helped the US and Israel to launch the computer worm Stuxnet against its nuclear facilities, which slowed down the centrifuges without the knowledge of scientists working on the project.