UK army to buy subs, tanks and jets online

Ministry of Defence will buy military technology - from ammo to fighter planes - on the Internet. Could this be a hacker's dream come true?
Written by Will Knight, Contributor

The British army will soon be ordering the latest military technology at the click of a mouse thanks to a deal announced Friday.

The Ministry of Defence (MOD) launched the Defence Electronic Commerce Service (DECS) in conjunction with UK consultancy firm Cap Gemini Ernst & Young, which will supply the security infrastructure for all transactions.

While military officials said that the service would originally be used to buy up the most basic military components, one representative at Friday's briefing admitted that it would eventually be possible to buy jet fighters, tanks and submarines over the Internet.

Catalogues of more classified technology will, however, only be accessible to those with special security clearance.

Cap Gemini Ernst & Young will use Public Key Infrastructure (PKI) encryption to protect connections. This is the first time that the technology has been implemented within the UK government on a major scale.

"This is the next big step in the revolution of military logistics," said Minister of State for Defence John Spellar of the announcement.

Chief technical officer at Cap Gemini Ernst & Young Andy Mullholland, however, concedes that the security of the system DECS will likely be put to the test by computer hackers hoping to gain notoriety. "It has to be a target," he says. "Think of the kudos for a hacker if they got into the MOD."

Nevertheless, he believes that the infrastructure his company has implemented offers unrivalled protection. The PKI infrastructure establishes an encrypted connection between a user and a intermediary tracking system. This identifies a user and sends requests over another encrypted connection to the host server.

Mullholland believes that this added layer of security makes the system considerably more secure than many commercial systems.

"This is the reason CESG [Communications-Electronics Security Group] was very much involved in rating the risk. We have been amazed how some companies are setting themselves up to be hacked," he says.

Take me to the Summer of Hacking Special

Take me to Hackers

What do you think? Tell the Mailroom. And read what others have said.

Editorial standards