Phillip Hammond today said that the UK needs to develop cyber weapons in order to respond to nation-state attacks, or risk starting a military conflict.
Speaking at Microsoft's Future Decoded conference in London's ExCel Centre, the UK Chancellor emphasised the need for offensive cyber security capabilities, primarily to respond to cyber attacks by foreign governments.
The comments come ahead of the official announcement of the government's new National Cyber Security Strategy, which is expected to highlight several key national security and defence issues as well as protections for companies and private citizens.
"A small number of hostile foreign actors have developed and deployed offensive cyber capabilities, including destructive ones," he said. "These capabilities threaten the security of the UK's critical national infrastructure and our industrial control systems."
He also warned that without similar offensive technologies, the UK would be forced to either do nothing or to respond with military force in the event of an attack. "That is a choice we do not want to face, and a choice we do not want to leave as a legacy to our successors. That is why we need to develop a fully-functioning, operational cyber counter-attack capability."
Hammond appeared to have a specific foreign power in mind and made reference earlier in his speech to both the TV 5 Monde hack and the BlackEnergy attack on the Ukranian power grid - both of which have been linked to Russian state-sponsored hackers.
According to the chancellor, any future wars will be preceded by a concerted campaign of cyber attacks, designed to assess the nation's strengths and weaken its defences in preparation of a full-scale attack.
The comments were slightly contradictory to the views of Dr Ian Levy, technical director of the National Cyber Security Centre, however. Also speaking at Future Decoded, Levy warned that cyber security needed to be demystified, and accused the industry of stoking unnecessary fears in order to sell "magic amulets".
Hammond is expected to announce the full scope of the National Cyber Security Strategy later today, which is set to introduce measures to improve the nation's security infrastructure and defences, along with the pool of available experts within the workforce.
The investment will partly be used to train and retain security talent. Over 50 security specialists will be hired to the National Crime Agency's cybercrime unit, with a scheme also set up to up-skill "high-aptitude professionals".
The government will establish an innovation fund for security startups too, encouraging the development of new security applications and technologies.
Automatic defence systems have also been set up with the help of private-sector companies, which will help stop malware, phishing campaigns and other security threats before they reach the general public.
"This is a hugely important announcement which makes it clear that cyber security will be at the heart of the UK's industrial strategy," said industry body TechUK. "It is absolutely vital that Britain's businesses are cyber secure."
TechUK CEO Julian David added "Although we have some of the best cyber security capabilities in the world, we cannot be complacent about the evolving cyber threat. This new strategy is a robust and comprehensive response from Government to the growing cyber threats that we face. It is now time for businesses across the country to step up and play their part in keeping their businesses and the UK as a whole secure."
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
ASUS, Cisco, Netgear devices exploited in ongoing Chinese hacking campaignNews Critical national infrastructure is the target of sustained attempts from state-sponsored hackers, according to Five Eyes advisories
-
Off-the-shelf ransomware is spurring a new era in the Ukraine warNews Experts agreed Russian forces could be overwhelmed, forced to use less sophisticated tools to meet the regime's demands
-
2022 Public Sector Identity Index ReportWhitepaper UK Report
-
NCSC: “New class” of Russian cyber attackers seek to destroy critical infrastructureNews The cyber threat has been raised due to the heightened risk of ideologically driven cyber attacks from Russia-aligned adversaries
-
NCSC warns UK under state-sponsored spear-phishing attacks from Russia and IranNews The acceleration in spear-phishing campaigns last year coincided with the escalating conflict in Ukraine, according to the NCSC
-
NCSC founder details 'biggest regret' in underestimating organised cyber crimeNews In a rare public address, Martin also detailed his proudest achievement and how the idea for the NCSC came to be
-
Second Singtel subsidiary breach in a month sees customer and client data leakedNews The incident at Singtel subsidiary Dialog follows the earlier breach at Singtel-owned Optus, Australia's second-largest telco
-
UK, US condemn Iran for ‘unprecedented’ cyber attack against AlbaniaNews The Balkan nation has cut ties with Iran following the hack, which took down national infrastructure and exposed government information
