According to cabinet minister Steve Barclay, Britain is now the third most targeted country in the world in terms of cyber attacks by hostile states.
It’s not an encouraging statistic. Included in the announcement of the Government’s new (and the country’s first) national cybersecurity strategy, it points to a very real and present danger. And before we dive into the detail of the announcement and what it might mean for businesses and individuals, it’s worth taking a minute to consider how serious the threat really is.
A Real and Present Danger
First off, there are the attacks you don’t hear about, which are likely the most serious: those that target national security information. Cyber espionage has been evolving for years, and there’s now a clear risk that hostile actors could steal state secrets without ever having to put a foot on UK soil, potentially weakening national defence.
Then there are the ones you’ve probably heard about in theory, but which we’ve not yet seen succeed on a grand scale (thankfully): those targeting critical infrastructure. In other words, hackers looking to knock the National Grid offline, disrupt phone networks, stall broadband services. Imagine the chaos if the internet cut out across a city like Manchester, for example.
And then finally, there are the less James Bond-y ones, targeting local authorities, HMRC offices, local hospitals, and the like. You might think these attacks are less important, but if so, think again. As the Government announced last month, ‘in 2020, both Redcar & Cleveland and Hackney Councils were hit by ransomware attacks impacting council tax, benefits and housing waiting lists. Gloucester City Council was then the subject of a further cyber attack in 2021.’
People were forced to wait for the benefit payments that put food on their table, spend even longer in a hostel or on the streets – because of a cyber-attack.
A National Response
So what’s the Government proposing in response to these sustained threats to our public services?
First and foremost, central to the new strategy is the creation of a Government Cyber Coordination Centre (GCCC), designed to ‘better coordinate cyber security efforts across the public sector’ and ‘rapidly identify, investigate and coordinate the government’s response to attacks on public sector systems.’
Put another way, the Government is keen to reduce silos so that every part of the public sector can benefit from shared intelligence, reducing the chance of organisations getting left behind and succumbing to attacks.
It’s not just an internal affair, though. The Government is also proposing ‘a new vulnerability reporting service, which will allow security researchers and members of the public to easily report issues they identify with public sector digital services.’
The public sector is such a sprawling beast that any attempt to ‘defend as one’, as the project’s motto has it, risks failure if it can’t pull in enough live intelligence. What better way to keep abreast of the situation than by inviting Joe Public to get involved?
Lastly, the new strategy ‘will be backed by £37.8 million invested to help local authorities boost their cyber resilience – protecting the essential services and data on which citizens rely including housing benefit, voter registration, electoral management, school grants and the provision of social care.’
No Such Thing as too Strong a Defence
These plans are certainly good as far as they go. Greater collaboration is central to our defences, not only in terms of intelligence, but between security systems. Adversaries have already shown they are willing to exploit any gaps in defence – so for threat intelligence to be successfully gathered and shared, the barriers need to be broken down. Not just between people and departments but security systems and infrastructure.
The ideal is gaining one single view of how and where attacks are propagating. Only then is it possible to autonomously respond to threats at machine speed and realise the government’s desire to see the UK maintain its position as a cyber power on the world stage.
But it’s also worth sounding a note of caution. It’s late in the day for the UK Government to be prioritising cybersecurity strategy in this way. Although the UK’s defence agencies have been hard at work bolstering our national cybersecurity for years, it’s essential that we ramp up our commitment to collaborative defence, and fast. £37.8 million won’t go far between all the local authorities of the UK, so it’s crucial that investment goes towards efficient, intelligent systems that will maximise the speed, accuracy, and flexibility of response, 24/7, without draining already-stretched IT teams’ time on floods of security alerts.
The technology to make this a reality is increasingly available. Autonomous, integrated systems can quickly spot and track attacks, wherever they originate, reduce the chances of them evading a single point product, and act to mitigate them at speed without the need for human intervention.
The bottom line is this: the national cybersecurity strategy is talking a good game. But success will lie in taking a forward-looking approach, making the most of emerging technologies, and avoiding the mistakes of the past – from alert fatigue to siloed systems. Time will tell – but with sophisticated capabilities increasingly within reach for organisations of all sizes, there’s cause for hope.