Spy chief: UK cyber attacks at 'disturbing' levels

Spy chief: UK cyber attacks at 'disturbing' levels

Summary: The UK's critical national infrastructure is under increased threats from cyber attacks, the UK's largest intelligence agency chief warns.

TOPICS: Security

Cyber attacks against the UK government and its critical national infrastructure is at "disturbing levels", according to the director of Britain's electronics eavesdropping intelligence agency, GCHQ.

Iain Lobham, the director of the Government Communications Headquarters, which made a name for itself during the Second World War effort to crack the Nazi Enigma code, warned that the "UK's continued economic well being" was under threat.

(Source: Wikimedia, CC)

Today, in a piece for The Times newspaper (subscription required), sensitive data on government computers, along with defence, technology and engineering firms, continue to be targeted.

"I can attest to attempts to steal British ideas and designs -- in the IT, technology, defence, engineering and energy sectors as well as other industries -- to gain commercial advantage or to profit from secret knowledge of contractual arrangements", he wrote.

There was one instance, he recalls, where there had been a "significant, yet unsuccessful" web-based attack on the Foreign Office computer systems, only within the past few months.

An email sent to three Foreign Office staff, that appeared to come from a colleague in the same office, actually originated from a "hostile state intelligence agency" that contained "code embedded in the attached document" which could have attacked the computer; a seemingly rudimentary method of electronic assault, yet nevertheless still often used for the weak-link human error factor.

GCHQ -- similar to that of the U.S. National Security Agency -- on a daily basis contends with hundreds of cyber attacks, both domestic and foreign, and is charged by government to act offensively against such attacks, whilst defensively to protect national infrastructure. The 'spy agency' works regularly with domestic security service MI5, and foreign intelligence service MI6, to prevent attacks on the mainland UK and British interests abroad.

Lobham's article comes ahead of a two-day conference in London on cyber security, with aims to bringing together political leaders and technologists from around the world, in a bid to solve some of the toughest e-crime and government security issues.

Foreign secretary William Hague, the cabinet minister in charge of the Foreign Office where some of the cyber attacks happened, told The Times that there was an "exponential" rise in such attacks, with particular data-intensive databases pertaining to 'National Insurance' (social security) and tax systems "liable to attack".

The BBC notes that the UK's Ministry of Defence thwarted more than 1,000 cyber attacks in the last year alone, from criminals to foreign intelligence services. The Guardian also added that the UK's Serious Organised Crime Agency, which made headlines earlier this year after it came under attack by hacktivist group LulzSec, prevented over £300 million ($480 million) of credit card fraud, according to Hague.

Britain is to invest more than £650 million ($1 billion) in bolstering e-security over the next four years of the current parliament.


Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Spy chief: UK cyber attacks at 'disturbing' levels

    I suspect this is the tip of the iceberg, I doubt if the MoD or any other government dept. even has the faintest idea what hardware & software it's actually using let alone the scale of attacks.

    I'll bet there are still people huddled away in obscure little departments using Windows95, or even 3.11.
    • RE: Spy chief: UK cyber attacks at 'disturbing' levels

      My previous employer has a couple of those old machines but they are used as stand alones to drive instruments for which no software upgrades exist. They are not on the corporate network and do not have internet access.
  • RE: Spy chief: UK cyber attacks at 'disturbing' levels

    Thank you, @Zack, probably the most coherent and interesting "heads up" article I have read from you in a long time.
  • theey are marketing the public

    I dont expect most of you to understand this, but they are sensationalizing these stories for a purpose. They will continue to stream in bits and bytes of fear to build their case for a quiet clamp down on the internet.
    They will continue to manipulate the masses to the point they public will actually stand up and say "yes! we need this protection!".
    Those in charge have seen the power of the internet to coordinate and communicate to the people and they fear this.
    Twiddle away and fail to see their long term goal and it will be too late to stop.
    • Conspiracy Theory?

      There have been increasing stories of state sponsered attacks over the last several year. I think that these are real attacks by hostile states. Stuxnet was aimed apparently at the Iranian nuclear industry with some results. There may be a bit of a conspiracy among some states to reduce the easy access provided by the internet. I think that the genie is out of the bottle and people will find other ways around government blocks. The Great Chines firewall is a good example and a better example was how Egypt cut off the internet before Mubarak was kicked out.
      • RE: Spy chief: UK cyber attacks at 'disturbing' levels

        @sboverie@... As I said, I dont expect most to understand.
        You do a great job regurgitating the news stories there.

        How about trying to understand why there are increasing stories. Ask why is this information being released. Why is a UK Spy chief giving an interview about this?
        Why is there a leaked report on Sunday from the Canadian Security Intelligence Service (CSIS) about an impending Cyber attack?

        Our Intelligence community works from a "Public doesn't need to know" style unless they want us to know. There is always a reason.
  • RE: Spy chief: UK cyber attacks at 'disturbing' levels

    The funny thing is that many don't see the other side of the story.

    Sure, a "hostile state intelligence agency" (3 guesses as to what country that could be) might be attacking the UK's infrastructure and stealing secrets. Should that disturb the keepers of those secrets? Of course it should. Should it spurn on investment into protecting these secrets? Yes, it should.

    But it's naive to think that we are totally defenseless against this- "Western nations are totally helpless against cyberattacks from (country name) " is a tagline people who don't see the other side of the story use.

    You think that the US government isn't capable of shutting down the infrastructure of an attacking country such as China? You think that the UK government isn't actively involved in stealing secrets and examining information that foreign governments create?
    You think that the US doesn't already have the design documents for the J-20 fighter jet in its possession? Or that the J-20 wasn't partially developed using US designs?

    Think about it. It's an attacker's world out there- whoever strikes first wins and the defenders can't effectively defend anyways (as proven by entities like LulzSec)- even if they used better security than plaintext (Sony had no excuse) they would still fall in time.
  • yawn

    gee, computer attached to internet is hacked...
    No computer is safe attached to the internet or not. It is in fact safer to use very old software on very old machines AND NEVER LET THEM NEAR THE INTERNET.

    Newer machines, newer software all have backdoors built in that can invisibly transmit IP even if only very sporadically attached to the internet, or if a USB/SD card is rarely used. This is kept secret and hidden by the vast amount of ordinary hacking activity which is just a red herring for the real stuff...
    How does microsoft stay immune? No really, how is MS immune - how does Bill and Steve and all the others get to use email and mobile phones without being hacked? Is there some sort of billionaires cabal that is immune? HOW? They use the same infrastructure as the rest of us don't they? How come the really big boyz don't get hacked?
    hmmm? Are you too scared to ask?