Government planning cyber weapons factory?
Reports suggest the Government is to openly initiate cyber weapons production, as the MoD says cyber attacks will work in parallel with "conventional actions."
The Government has started work on creating a range of cyber weapons as it looks to beef up its arsenal to protect the nation, according to a report.
In the first official recognition of such an initiative, the Cabinet Office and Cyber Security Operations Centre at GCHQ have taken hold of the programme, sources told the Guardian today.
"We need a toolbox of capabilities and that's what we are currently developing," said armed forces minister, Nick Harvey.
"The circumstances and manner in which we would use them are broadly analogous to what we would do in any other domain."
The Ministry of Defence (MoD) was reticent about a cyber weapons project when IT PRO contacted the department, although outlined a number of ways in which the Government was to shift focus in the security space.
In particular, it said "future conflict will see cyber operations conducted in parallel with more conventional actions in the sea, land and air operations."
"Therefore we must plan, train, exercise and operate in a way which integrates our activities in both cyber and physical space," an MoD spokesperson said.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"We will grow a cadre of dedicated cyber experts to support our own and allied cyber operations and secure our vital networks."
The 650 million National Cyber Security Programme (NCSP) announced last year will be used to overhaul the UK's cyber security approach.
Future conflict will see cyber operations conducted in parallel with more conventional actions in the sea, land and air operations.
The MoD was unable to discuss the funding of individual components of the NCSP.
However, it is establishing a Defence Cyber Operations Group to help "embed cyber security within defence, incorporating cyber into strategic concepts and doctrine."
"Due to the complex nature of cyberspace, improving the UK's cyber security requires a multi-faceted approach involving a number of Government departments and agencies working in close partnership with industry and academia," the spokesperson added.
"Government will commence a transformative national cyber security programme which will aim to give the UK a security advantage in cyber security and resilience."
Earlier this month, the Chancellor of the Exchequer, George Osborne, admitted the UK Government's Treasury was hit by targeted attacks on average more than once a day in 2010.
Risky behaviour?
Cyber security professionals have raised concerns over any potential cyber arms scheme, whilst suggesting the revelations are public announcements of operations which have been going on behind the scenes for some time.
Jose Nazario, senior security researcher Arbor Networks, was worried the UK was not going to back up its announcements with genuine investments.
"The announcement is partly a means of achieving deterrence, namely that the UK is willing to both defend its assets in kind and to possibly strike at others. The risk in this, of course, is if the deterrence is not credibly backed up," Nazario told IT PRO.
"I expect this to play out for a few more years both in terms of demonstrating such capabilities against rivals and investments to increase their capabilities."
David Harley, senior research fellow at ESET UK, was concerned political aspirations would determine what moves the Government would make, rather than actual necessity.
"Security and intelligence are difficult and wide-ranging areas, and sooner or later, political expediency will mean that mistakes will be made," Harley said.
"Necessary measures will be dropped or skimped on because of economic pressures, inappropriate and/or inadequate measures will attract funding because it's a way for elected officials to be seen to be doing something. The whole security theatre' problem is based on the political assumption that it's better to do something visible but half-baked than to do something effective but invisible."
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.